Cohesity Integrates CrowdStrike Threat Intelligence into Data Protection Platform

Data security provider Cohesity has added CrowdStrike threat intelligence to its flagship data protection platform.

Specifically, the company announced the general availability of Cohesity Data Cloud integration with CrowdStrike Falcon Adversary Intelligence. Cohesity likened this move to the "bring your own" — or BYO — model, such as in BYOD (bring your own device) scenarios. In this case, instead of employees bringing their own devices to work, organizations can bring their own threat intelligence functionality to Cohesity's data protection platform.

"Our latest collaboration with CrowdStrike, one of our inaugural Data Security Alliance partners, allows customers to bring their own (BYO) cyber threat intelligence," Cohesity said in a blog post. "The addition of CrowdStrike's world-class threat intelligence feeds, which tracks over 250 adversaries — exposing their activity, tools, and tradecraft — while incorporating indicators of compromise (IOCs), allows customers to detect the latest threats with higher fidelity and accuracy and enhance the effectiveness and efficiency of their response activities."

The move expands Cohesity's strategic partnership with CrowdStrike, a partnership that now has its own website which lists use cases for the new integration:

  • Threat hunting: Integrate threat intelligence feeds from Falcon Adversary Intelligence to identify threats within your Cohesity data with higher fidelity.
  • Forensic analysis and response: Use the latest threat intel feeds to hunt for threats in your backups across data centers and edge locations -- without interruptions from cyber incidents.
  • Data recovery: Use the latest threat intel feeds to identify IOCs before restoration, minimizing the risk of reattack.
  • Threat detection: Speed up threat detection by enriching CrowdStrike Falcon LogScale logs with data security insights on anomalies, sensitive data, and threats within your Cohesity data.

Cohesity said Falcon Adversary Intelligence delivers custom IOCs derived from the automated analysis of threats that reach an organization's endpoints. One bit of functionality highlighted in the announcements is the ability to run threat hunts on backup copies of data, which lets organizations stealthily investigate where the attacker has persistence. The ability to investigate out-of-band helps prevent adversaries from enacting countermeasures, the company said. Because detection occurs on secondary data rather than the host itself, Cohesity's ability to discover IOCs is not impacted by incident containment activities that might isolate hosts and networks.

High-Level Workflow
[Click on image for larger view.] High-Level Workflow (source: Cohesity).

"By implementing Cohesity's clean room design and integrated tooling, customers gain specialized forensic capabilities to analyze malware, investigate breaches, and understand attack vectors without risking contamination of their broader IT environment," the company said in a news release.

"Elevating your organization's threat detection and response is crucial in today's threat environment, especially with AI at the disposal of cyber adversaries," commented Cohesitys CTO Craig Martell, in a statement. "Secondary data estates offer a perfect opportunity for minimizing attackers' advantages and, together with CrowdStrike, our customers can enhance their threat hunting and response and while also automating defenses across their security stack."

For more information, visit the Cohesity site.

About the Author

David Ramel is an editor and writer at Converge 360.

Featured

  • AI microchip under cybersecurity attack, surrounded by symbols of threats like a skull, spider, lock, and warning shield

    Report Finds Agentic AI Protocol Vulnerable to Cyber Attacks

    A new report from Backslash Security has identified significant security vulnerabilities in the Model Context Protocol (MCP), technology introduced by Anthropic in November 2024 to facilitate communication between AI agents and external tools.

  • student reading a book with a brain, a protective hand, a computer monitor showing education icons, gears, and leaves

    4 Steps to Responsible AI Implementation in Education

    Researchers at the University of Kansas Center for Innovation, Design & Digital Learning (CIDDL) have published a new framework for the responsible implementation of artificial intelligence at all levels of education, from preschool through higher education.

  • teen studying with smartphone and laptop

    OpenAI Developing Teen Version of ChatGPT with Parental Controls

    OpenAI has announced it is developing a separate version of ChatGPT for teenagers and will use an age-prediction system to steer users under 18 away from the standard product, as U.S. lawmakers and regulators intensify scrutiny of chatbot risks to minors.

  • ClassVR headsets

    Avantis Education Launches New Headsets for ClassVR Solution

    Avantis Education recently introduced two new headsets for its flagship educational VR/AR solution, ClassVR. According to a news release, the Xcelerate and Xplorer headsets expand the company’s offerings into higher education while continuing to meet the evolving needs of K–12 users.