Cohesity Integrates CrowdStrike Threat Intelligence into Data Protection Platform

Data security provider Cohesity has added CrowdStrike threat intelligence to its flagship data protection platform.

Specifically, the company announced the general availability of Cohesity Data Cloud integration with CrowdStrike Falcon Adversary Intelligence. Cohesity likened this move to the "bring your own" — or BYO — model, such as in BYOD (bring your own device) scenarios. In this case, instead of employees bringing their own devices to work, organizations can bring their own threat intelligence functionality to Cohesity's data protection platform.

"Our latest collaboration with CrowdStrike, one of our inaugural Data Security Alliance partners, allows customers to bring their own (BYO) cyber threat intelligence," Cohesity said in a blog post. "The addition of CrowdStrike's world-class threat intelligence feeds, which tracks over 250 adversaries — exposing their activity, tools, and tradecraft — while incorporating indicators of compromise (IOCs), allows customers to detect the latest threats with higher fidelity and accuracy and enhance the effectiveness and efficiency of their response activities."

The move expands Cohesity's strategic partnership with CrowdStrike, a partnership that now has its own website which lists use cases for the new integration:

  • Threat hunting: Integrate threat intelligence feeds from Falcon Adversary Intelligence to identify threats within your Cohesity data with higher fidelity.
  • Forensic analysis and response: Use the latest threat intel feeds to hunt for threats in your backups across data centers and edge locations -- without interruptions from cyber incidents.
  • Data recovery: Use the latest threat intel feeds to identify IOCs before restoration, minimizing the risk of reattack.
  • Threat detection: Speed up threat detection by enriching CrowdStrike Falcon LogScale logs with data security insights on anomalies, sensitive data, and threats within your Cohesity data.

Cohesity said Falcon Adversary Intelligence delivers custom IOCs derived from the automated analysis of threats that reach an organization's endpoints. One bit of functionality highlighted in the announcements is the ability to run threat hunts on backup copies of data, which lets organizations stealthily investigate where the attacker has persistence. The ability to investigate out-of-band helps prevent adversaries from enacting countermeasures, the company said. Because detection occurs on secondary data rather than the host itself, Cohesity's ability to discover IOCs is not impacted by incident containment activities that might isolate hosts and networks.

High-Level Workflow
[Click on image for larger view.] High-Level Workflow (source: Cohesity).

"By implementing Cohesity's clean room design and integrated tooling, customers gain specialized forensic capabilities to analyze malware, investigate breaches, and understand attack vectors without risking contamination of their broader IT environment," the company said in a news release.

"Elevating your organization's threat detection and response is crucial in today's threat environment, especially with AI at the disposal of cyber adversaries," commented Cohesitys CTO Craig Martell, in a statement. "Secondary data estates offer a perfect opportunity for minimizing attackers' advantages and, together with CrowdStrike, our customers can enhance their threat hunting and response and while also automating defenses across their security stack."

For more information, visit the Cohesity site.

About the Author

David Ramel is an editor and writer at Converge 360.

Featured

  • glowing blue nodes connected by thin lines in an abstract network on a dark gray to black gradient background

    Gartner Report: Generative AI Taking Over SD-WAN Management

    In a few years, nearly three quarters of network operators will use generative AI for SD-WAN management, according to a new report from market research firm Gartner.

  • digital network grid shows lines and nodes, with one node highlighted in red

    3 in 4 Education Institutions Have Uncovered a Cyber Attack on Their Infrastructure in the Past Year

    Seventy-seven percent of institutions across K-12 and higher education have identified a cyber attack on their infrastructure within the past 12 months, according to a new survey from cybersecurity company Netwrix.

  • person signing a bill at a desk with a faint glow around the document. A tablet and laptop are subtly visible in the background, with soft colors and minimal digital elements

    California Governor Signs Off on AI Content Safeguard Laws

    California Governor Gavin Newsom has officially signed a series of landmark artificial intelligence bills into law, signaling the state’s latest efforts to regulate the burgeoning technology, particularly in response to the misuse of sexually explicit deepfakes. The legislation is aimed at mitigating the risks posed by AI-generated content, as concerns grow over the technology's potential to manipulate images, videos, and voices in ways that could cause significant harm.

  • landscape photo with an AI rubber stamp on top

    California AI Watermarking Bill Supported by OpenAI

    OpenAI, creator of ChatGPT, is backing a California bill that would require tech companies to label AI-generated content in the form of a digital "watermark." The proposed legislation, known as the "California Digital Content Provenance Standards" (AB 3211), aims to ensure transparency in digital media by identifying content created through artificial intelligence. This requirement would apply to a broad range of AI-generated material, from harmless memes to deepfakes that could be used to spread misinformation about political candidates.