CrowdStrike is a global cybersecurity leader that has redefined modern security with the world’s most advanced cloud-native platform for protecting critical areas of enterprise risk – endpoints and cloud workloads, identity, and data.
Powered by the CrowdStrike Security Cloud, the CrowdStrike Falcon® platform leverages real-time indicators of attack, threat intelligence, evolving adversary tradecraft and enriched telemetry from across the enterprise to deliver hyper-accurate detections, automated protection and remediation, elite threat hunting and prioritized observability of vulnerabilities.
Purpose-built in the cloud, the Falcon platform enables partners to rapidly build best-in-class integrations to deliver customer-focused solutions that provide scalable deployment, superior protection and performance, reduced complexity and immediate time-to-value.
The Cybersixgill and CrowdStrike integration makes it easy to gain deeper visibility and advanced context of IOCs from the deep and dark web — providing an enhanced level of detection and protection for your organization. With Cybersixgill Darkfeed, CrowdStrike users can proactively protect against threats with automated intelligence in real-time. Darkfeed is the most comprehensive, automated IOC enrichment solution, powered by Cybersixgill’s data lake of underground threat intelligence. It delivers contextual insights to enrich endpoint protection in real-time – straight from the CrowdStrike Falcon dashboard.
Incident response security teams can automatically enrich IOCs from CrowdStrike Falcon (machine-to-machine), and gain unparalleled context with essential explanations of IOCs. Malware researchers can hunt for malicious indicators of compromise in organizational networks and conduct deep analysis of malware available for download on the deep and dark web. Users can then pivot to the Cybersixgill Investigative Portal to further investigate threat actors and contexts in order to protect their organization’s most critical assets.
Automatically gain access to remediation information for each vulnerability directly from NVD, MITRE and other vendor sites.
Receive a full intelligence picture of the vulnerability, complete with context – including a comprehensive audit trail of the data we have collected on the actors and their discourse, exploit kits, attribution to malware, APT and ransomware. This includes a score of the likelihood a vulnerability will be exploited over the next 90 days, hours after the CVE is first published. Unlike CVSS, this score is continually updated in real-time in response to the threat intelligence we gather.
Map vulnerabilities to MITRE ATT&CK framework to anticipate how, when or why criminals will exploit each vulnerability, listing the CVEs used in the context of each technique to assess the risk to your organization and prioritize remediation efforts.
Accurately match organizational CPEs identified in step 1 to specific, related vulnerabilities (CVEs) to determine which vulnerabilities are exposing your systems to attack.
Discover and scope the relevant organizational assets (ie. CPEs) and vulnerabilities (ie CVEs) or identify specific CPEs and CVEs that are of interest.