CrowdStrike Asset Graph provides unprecedented visibility of assets in an IT environment to optimize cyber defense strategies and manage risk
CrowdStrike (Nasdaq: CRWD), a leader in cloud-delivered protection of endpoints, cloud workloads, identity and data, today introduced CrowdStrike Asset Graph, a new graph database powered by the CrowdStrike Security Cloud that provides IT and security leaders with a 360-degree view into all assets (both managed and unmanaged) alongside unprecedented visibility into their attack surface across devices, users, accounts, applications, cloud workloads, operational technology (OT) and more to simplify IT operations and stop breaches.
As organizations accelerate their digital transformation, they are expanding their attack surface exponentially. This has dramatically increased their risk exposure to adversaries who are discovering and exploiting these soft targets and vulnerabilities faster than IT and security teams can discover them. Visibility is one of the foundational principles of cybersecurity because you cannot secure and defend the assets you don’t know exist. This, in turn, creates a race between adversaries and companies’ IT and security teams to find these blind spots. According to a 2022 report from Enterprise Strategy Group (ESG), “69% of organizations have experienced a cyberattack in which the attack itself started through the exploit of an unknown, unmanaged, or poorly managed internet-facing asset.”
CrowdStrike Asset Graph solves this problem by dynamically monitoring and tracking the complex interactions between assets, providing a single holistic view of the risks those assets pose. While other solutions simply provide a list of assets without context, Asset Graph provides graphic visualizations of the relationships between all assets such as devices, users, accounts, applications, cloud workloads and OT, along with the rich context necessary for proper security hygiene and proactive security posture management to reduce risk in their organizations.
“Digital transformation has led to an equal and pronounced acceleration of security transformation in the modern enterprise. For companies furthest along on this journey, IT operations and security teams – once distinct silos – are converging, creating a far more proactive posture when it comes to security and risk management,” said Amol Kulkarni, chief product and engineering officer at CrowdStrike. “Built specifically to address this new dynamic, CrowdStrike Asset Graph lets organizations see the assets they have and how they interact with each other, helping them make informed, risk-based decisions – from security to IT performance, utilization, capacity, license management and more – to proactively protect and manage their IT environment.”
Bridging the gap between IT operations and security
The CrowdStrike Falcon platform was purpose-built with a cloud-native architecture to harness vast amounts of high-fidelity security and enterprise data, and deliver solutions through a single, lightweight agent to keep customers ahead of today’s sophisticated adversaries.
CrowdStrike’s groundbreaking graph technologies, which started with the company’s renowned Threat Graph, form a powerful, seamless and distributed data fabric, interconnected into a single cloud – the Security Cloud – that powers the Falcon platform and CrowdStrike’s industry-leading solutions. Using a combination of AI and behavioral pattern-matching techniques to correlate and contextualize information in the vast data fabric, CrowdStrike’s graphs create a “collect data once, reuse it multiple times” approach to solving the biggest problems that customers face. With the introduction of Asset Graph, CrowdStrike is applying this same approach to solving customers’ hardest, unmet challenges with an eye to proactive security, as well as unprecedented IT visibility and risk management.
The three highly-advanced graph technologies underpinning the Falcon platform now include:
- Threat Graph: CrowdStrike’s industry-defining Threat Graph takes trillions of security data points from millions of sensors, enriched by threat intelligence data and third-party sources, to identify and link threat activity together to provide full visibility of attacks and automatically prevent threats in real-time across CrowdStrike’s global customer base.
- Intel Graph: By analyzing and correlating massive amounts of data on adversaries, their victims and their tools, Intel Graph provides unrivaled insights on the shifts in tactics and techniques, powering CrowdStrike’s adversary-focused approach with world-class threat intelligence.
- Asset Graph: With this release, CrowdStrike is solving one of the most complex customer problems today: identifying assets, identities and configurations accurately across all systems including cloud, on-premises, mobile, Internet of Things (IoT) and more, and connecting them together in a graph form. Unifying and contextualizing this information will lead to powerful new solutions that transform how organizations enforce security hygiene and dynamically manage their security posture.
CrowdStrike Asset Graph will enable new Falcon modules and features built on top of it to define, monitor and explore the relationships between assets within an organization. The first Falcon module to use Asset Graph is Falcon Discover (Security Hygiene), which includes the following enhancements:
- Newly enhanced dashboards, highly customizable filters and sharing options: IT teams can tailor their experience of Asset Graph’s map visualization and powerful search capabilities, all presented conveniently within the Falcon Discover console.
- New third-party data integration with ServiceNow: Combining this integration with Asset Graph and Falcon Discover, IT teams gain another layer of asset visibility around devices in a single console, providing enhanced monitoring over unmanaged and unsupported assets.
“It’s a cliche for a reason. You can’t protect what you can’t see. The first step in wrangling shadow IT or shining a light on blind spots is understanding what assets you have to secure and how those are interacting with unforeseen insecure assets,” said Juan Jose Chang, CISO at Bladex. “We believe that Falcon Discover combined with CrowdStrike Asset Graph will be the difference between using a flashlight versus a row of street lamps to see where you’re going.”
- For more information on CrowdStrike Asset Graph and enhancements to Falcon Discover, please visit our blog.
CrowdStrike (Nasdaq: CRWD), a global cybersecurity leader, has redefined modern security with one of the world’s most advanced cloud-native platforms for protecting critical areas of enterprise risk – endpoints and cloud workloads, identity and data.
Powered by the CrowdStrike Security Cloud and world-class AI, the CrowdStrike Falcon® platform leverages real-time indicators of attack, threat intelligence, evolving adversary tradecraft and enriched telemetry from across the enterprise to deliver hyper-accurate detections, automated protection and remediation, elite threat hunting and prioritized observability of vulnerabilities.
Purpose-built in the cloud with a single lightweight-agent architecture, the Falcon platform delivers rapid and scalable deployment, superior protection and performance, reduced complexity and immediate time-to-value.