The technology behind CrowdStrike’s cybersecurity solution relies on lightweight agents or sensors to monitor threats and collect critical security data. As organizations have learned, some agents are easier to deploy than others.
“When you look at them, they are often not easy; it takes a lot of effort to install and they have to be restarted,” said Michael Sentonas (pictured), chief technology officer at CrowdStrike Holdings Inc. “We have an intelligent agent with intelligent filtering built in, so we’re very careful with the data that we raise. I’ve spoken to organizations who said that based on their past experience, they planned to launch our product in 18 months, and we did it in seven weeks. This is a lightweight agent.”
Sentonas spoke with theCUBE Industry Analyst Dave Vellante during theCUBE @ Fal.Con 2022, an exclusive broadcast on theCUBE, SiliconANGLE Media’s live streaming studio. They discussed expanding CrowdStrike’s partner network and how the company has built a unique telemetry processing engine for enterprise security. (*Disclosure below.)
Growing third-party data
CrowdStrike’s use of lightweight agents to pull telemetry data from a variety of sources formed the basis of several key announcements at this week’s Fal.Con. This included news that its Falcon Insight product with extended detection and response, or XDR, would add third-party telemetry from CrowdStrike’s growing partner network.
“My keynote speech was to show everyone the work we’ve done bringing in data from Zscaler and Proofpoint,” said Sentonas. “We have announced that we will be pulling telemetry data from Palo Alto Networks, Microsoft and others. XDR is about first-party and third-party integration and having all telemetry working together.”
As Sentonas explained, CrowdStrike built its own engine to process the massive amount of telemetry data and deliver the response speed that processing requires.
“We had to build the technology from scratch,” Sentonas said. “Today we process over 7 trillion events every week. The reason why I think we stand alone in electronic data exchange is because of the time component; we just have so much context that makes it easy for the threat hunter. Speed and ease of use are key in the cyber space.”
(*Disclosure: CrowdStrike Holdings Inc. sponsored this segment of theCUBE. Neither CrowdStrike nor any other sponsors have editorial control over content on theCUBE or SiliconANGLE.)