CrowdStrike has introduced CrowdStrike Asset Graph, a new graphical database powered by the CrowdStrike Security Cloud that provides IT and security leaders with a 360-degree view of all assets (both managed and unmanaged).
It also provides insights into their attack surface across devices, users, accounts, applications, cloud workloads, operational technology (OT), and more to simplify IT operations and stop breaches, the company said.
According to CrowdStrike, visibility is one of the fundamental principles of cybersecurity because companies cannot secure and defend the assets they don’t know exist. This, in turn, creates a race between adversaries and companies’ IT and security teams to find these blind spots.
According to a 2022 Enterprise Strategy Group (ESG), report, “69% of organizations have experienced a cyber attack where the attack itself started by exploiting an unknown, unmanaged or mismanaged internet asset.”
CrowdStrike Asset Graph aims to solve this problem by dynamically monitoring and tracking the complex interactions between assets, providing a holistic view of these assets’ risks.
While other solutions provide a list of assets without context, Asset Graph provides graphical visualizations of the relationships between all assets, such as devices, users, accounts, applications, cloud workloads, and OT, along with the rich context necessary for good security hygiene and proactiveness. Security posture management to mitigate the risks in their organizations.
CrowdStrike chief product and engineering officer Amol Kulkarni said: “Digital transformation has led to an equal and pronounced acceleration of security transformation in the modern enterprise. For companies furthest along this journey, IT operations and security teams – once separate silos – come. They were together, creating a more proactive stance and risk management.
PuPurrtance pose-built to address these new dynamics, CrowdStrike Asset Graph shows organizations what resources they have and how they interact with each other so they can make informed, risk-based decisions – from security to IT performance, utilization, capacity, license management, and more – to protect and manage their IT environment proactively.”
The CrowdStrike Falcon platform is purpose-built with a cloud-native architecture to leverage large amounts of high-fidelity security and enterprise data and deliver solutions through a single, lightweight agent to help customers stay ahead of advanced threats.
CrowdStrike’s graphing technologies, which started with the company’s Threat Graph, form a distributed data structure interconnected in a single cloud, the Security Cloud, which powers CrowdStrike’s Falcon platform and solutions.
Using AI and behavioral pattern-matching techniques to correlate and contextualize information across the vast data structure, CrowdStrike’s graphs create a “gather data once, reuse multiple times” approach.
According to CrowdStrike, the three graphics technologies underlying the Falcon platform now include:
Threat Graph: CrowdStrike’s industry-defining Threat Graph takes trillions of security data points from millions of sensors, enriched with threat intelligence and third-party sources, to identify and link threat activities to provide complete visibility of attacks and automatically prevent threats in real-time in CrowdStrike’s global customer base.
Intel Graph: By analyzing and correlating large amounts of data about adversaries, their victims, and their tools, Intel Graph provides unparalleled insights into the shifts in tactics and techniques, powering CrowdStrike’s adversary approach with world-class threat intelligence.
Asset Graph: This release allows users to accurately identify assets, identities, and configurations across all systems, including cloud, on-premises, mobile, Internet of Things (IoT), and more, and connect them in a graph form. The company said that unifying and contextualizing this information will lead to new solutions that will change how organizations enforce security hygiene and manage their security posture.
CrowdStrike states that Asset Graph will enable new Falcon modules and functions built on them to define, monitor and explore the relationships between assets within an organization. The first Falcon module to use Asset Graph is Falcon Discover (Security Hygiene), which includes the following improvements:
Newly improved dashboards, customizable filters, and sharing options: IT teams can customize their experience with Asset Graph’s map visualization and powerful search capabilities, all conveniently presented in the Falcon Discover console.
New Third-Party Data Integration with ServiceNow: Combining this integration with Asset Graph and Falcon Discover, IT teams gain a new layer of asset visibility around devices in a single console, providing enhanced monitoring of unmanaged and unsupported assets.
