Cohesity Integrates CrowdStrike Threat Intelligence into Data Protection Platform

Data security provider Cohesity has added CrowdStrike threat intelligence to its flagship data protection platform.

Specifically, the company announced the general availability of Cohesity Data Cloud integration with CrowdStrike Falcon Adversary Intelligence. Cohesity likened this move to the "bring your own" — or BYO — model, such as in BYOD (bring your own device) scenarios. In this case, instead of employees bringing their own devices to work, organizations can bring their own threat intelligence functionality to Cohesity's data protection platform.

"Our latest collaboration with CrowdStrike, one of our inaugural Data Security Alliance partners, allows customers to bring their own (BYO) cyber threat intelligence," Cohesity said in a blog post. "The addition of CrowdStrike's world-class threat intelligence feeds, which tracks over 250 adversaries — exposing their activity, tools, and tradecraft — while incorporating indicators of compromise (IOCs), allows customers to detect the latest threats with higher fidelity and accuracy and enhance the effectiveness and efficiency of their response activities."

The move expands Cohesity's strategic partnership with CrowdStrike, a partnership that now has its own website which lists use cases for the new integration:

  • Threat hunting: Integrate threat intelligence feeds from Falcon Adversary Intelligence to identify threats within your Cohesity data with higher fidelity.
  • Forensic analysis and response: Use the latest threat intel feeds to hunt for threats in your backups across data centers and edge locations -- without interruptions from cyber incidents.
  • Data recovery: Use the latest threat intel feeds to identify IOCs before restoration, minimizing the risk of reattack.
  • Threat detection: Speed up threat detection by enriching CrowdStrike Falcon LogScale logs with data security insights on anomalies, sensitive data, and threats within your Cohesity data.

Cohesity said Falcon Adversary Intelligence delivers custom IOCs derived from the automated analysis of threats that reach an organization's endpoints. One bit of functionality highlighted in the announcements is the ability to run threat hunts on backup copies of data, which lets organizations stealthily investigate where the attacker has persistence. The ability to investigate out-of-band helps prevent adversaries from enacting countermeasures, the company said. Because detection occurs on secondary data rather than the host itself, Cohesity's ability to discover IOCs is not impacted by incident containment activities that might isolate hosts and networks.

High-Level Workflow
[Click on image for larger view.] High-Level Workflow (source: Cohesity).

"By implementing Cohesity's clean room design and integrated tooling, customers gain specialized forensic capabilities to analyze malware, investigate breaches, and understand attack vectors without risking contamination of their broader IT environment," the company said in a news release.

"Elevating your organization's threat detection and response is crucial in today's threat environment, especially with AI at the disposal of cyber adversaries," commented Cohesitys CTO Craig Martell, in a statement. "Secondary data estates offer a perfect opportunity for minimizing attackers' advantages and, together with CrowdStrike, our customers can enhance their threat hunting and response and while also automating defenses across their security stack."

For more information, visit the Cohesity site.

About the Author

David Ramel is an editor and writer for Converge360.

Featured

  • a stylized magnifying glass and a neural network pattern with interconnected nodes, symbolizing search and AI processes

    OpenAI Launching AI-Powered Search Engine

    OpenAI has unveiled SearchGPT, a new AI-powered search engine designed to access information from across the internet in real time. The much-anticipated prototype will provide more organized and meaningful search results by summarizing and contextualizing information rather than returning lists of links.

  • Abstract geometric pattern with interconnected nodes and lines

    Microsoft 365 Copilot Updates Offer Expanded AI Capabilities, Collaboration Tools

    Microsoft has announced updates to its Microsoft 365 Copilot AI assistant, including expanded AI capabilities in individual apps, the ability to create autonomous agents, and a new AI-powered collaboration workspace.

  • Google Adds AI Video Creator to Workspace Labs

    Google has added a new AI-powered video creation service as part of its Workspace Labs program, where users can try out new AI features.

  • landscape photo with an AI rubber stamp on top

    California AI Watermarking Bill Supported by OpenAI

    OpenAI, creator of ChatGPT, is backing a California bill that would require tech companies to label AI-generated content in the form of a digital "watermark." The proposed legislation, known as the "California Digital Content Provenance Standards" (AB 3211), aims to ensure transparency in digital media by identifying content created through artificial intelligence. This requirement would apply to a broad range of AI-generated material, from harmless memes to deepfakes that could be used to spread misinformation about political candidates.