CrowdStrike Drives Protection Across Broad Attack Surface via Abnormal Investment and Partnership

CrowdStrike Drives Protection Across Broad Attack Surface via Abnormal Investment and Partnership

By Greg Tavarez

The constant evolution and rise of digital technologies is increasing the amount of sensitive information stored online. That is, motivation for attackers to look for new and creative ways to breach security systems and steal data.

The result? Multi-channel cyberattacks.

Multi-channel cyberattacks refer to attacks that leverage multiple methods of attack across various digital channels to target victims. In other words, rather than relying on a single vector of attack, attackers use a combination of tactics to achieve their goals.

Here is an example. A multi-channel cyberattack starts with a phishing email that contains a link to a fake login page. Once the victim enters their login credentials, the attacker can gain access to their account and use it to send more phishing emails to the victim's contacts or spread malware across the victim's network.

To protect against these attacks, organizations need to implement a multi-layered security strategy. (Possibly a strategy that combines XDR with behavioral AI.)

To make that happen, CrowdStrike and its strategic investment vehicle, CrowdStrike Falcon Fund, have invested in Abnormal Security.

But that’s not all.

CrowdStrike and Abnormal are also entering into a strategic technology partnership that integrates the CrowdStrike Falcon platform with the Abnormal platform to offer email and endpoint attack detection and response with automated account remediation.

But before diving into the partnership’s integration, let’s take a look at a long-story-short version of the organizations involved.

CrowdStrike is a provider of cloud-delivered protection of endpoints, cloud workloads, identity and data. The CroudStrike Falcon Fund is focused on global, cross-stage investments in companies that provide differentiated capabilities. The Fund does not lead rounds, but does co-invest as a strategic partner alongside lead investors.

Abnormal Security, on the other hand, is a company that offers a security platform using machine learning to stop sophisticated email attacks that bypass traditional solutions. The platform analyzes the risk of every cloud email event using identity and context and detects compromised accounts, prevents inbound email attacks, and remediates emails in milliseconds.

“Abnormal Security’s innovative risk-aware, AI-based security platform offers high-efficacy protection against sophisticated email attacks and automatic remediation of compromised accounts, making them both an attractive investment and technology partner,” said Michael Sentonas, president at CrowdStrike. “Their behavioral AI vision is closely aligned with CrowdStrike’s AI/ML approach.”

The initial technology integration between Abnormal and CrowdStrike delivers bi-directional threat detection and response. Here is how the process works. When the CrowdStrike Falcon platform detects risk, an account takeover case is automatically created within the Abnormal platform. Security analysts or autonomous policies then act. This includes forcing step-up authentication, logging out users, terminating sessions and even mandating a password reset. When Abnormal detects an email account compromise, a real-time alert automatically adds the targeted user to the Falcon Watched Users list for re-authentication and investigation.

“Email and endpoint devices are highly attacked entry points into an organization, and while rapid detection and response is key, it has been limited by the manual effort required to integrate siloed data from multiple solutions,” said Evan Reiser, co-founder and CEO at Abnormal Security. “The partnership between our two businesses will break down data silos and deliver consolidated solutions for the XDR era.”

And customers are already validating the partnership.

Comfort Systems USA, which builds, supports and maintains critical building systems, will have better protection against attacks that are often not detected by traditional solutions because of the Abnormal and CrowdStrike partnership.

“With the ability to correlate user behavior events across endpoints, email and authentication sources, our security team can quickly uncover account takeover attacks and take preventative measures,” said Christopher Chambers, Vice President of Information Security at Comfort Systems USA.

Besides delivering better protection across a broad attack surface, the partnership also puts Abnormal into the CrowdXDR Alliance.

Edited by Alex Passett
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

MSPToday Editor

Related Articles

Say Goodbye to Passwords: 1Password Unveils Two Passkey Innovations

By: Greg Tavarez    6/9/2023

1Password now offers customers the ability to save and sign into online accounts with passkeys as well as unlocking 1Password accounts with a passkey.

Read More

Industrial Cybersecurity Transformed: Secureworks Launches Integrated MDR Solution for OT and IT

By: Greg Tavarez    6/8/2023

Secureworks announced two new offerings to unify the way industrial organizations prevent, detect and respond to threats across the OT and IT landscap…

Read More

K8 Notifier: A New Twist on Cloud Cybersecurity

By: Matthew Vulpis    6/8/2023

K8 Notifer can create a suite of alerts for MSP to detect suspicious activity in the configuration and patterns of their and their customers cloud ser…

Read More

Impossible Cloud Paves Way with New Program in the Web3 Era

By: Greg Tavarez    6/8/2023

Impossible Cloud's Partner Program allows partners and resellers to seamlessly implement, demo and integrate its efficient, performance-driven solutio…

Read More

CrowdStrike Empowers Next-Gen Cybersecurity with Generative AI

By: Stefania Viscusi    6/8/2023

Security company CrowdStrike unveiled Charlotte AI, a new generative AI cybersecurity that will help to democratize security and empower users of the …

Read More