Cohesity Integrates CrowdStrike Threat Intelligence into Data Protection Platform

Data security provider Cohesity has added CrowdStrike threat intelligence to its flagship data protection platform.

Specifically, the company announced the general availability of Cohesity Data Cloud integration with CrowdStrike Falcon Adversary Intelligence. Cohesity likened this move to the "bring your own" — or BYO — model, such as in BYOD (bring your own device) scenarios. In this case, instead of employees bringing their own devices to work, organizations can bring their own threat intelligence functionality to Cohesity's data protection platform.

"Our latest collaboration with CrowdStrike, one of our inaugural Data Security Alliance partners, allows customers to bring their own (BYO) cyber threat intelligence," Cohesity said in a blog post. "The addition of CrowdStrike's world-class threat intelligence feeds, which tracks over 250 adversaries — exposing their activity, tools, and tradecraft — while incorporating indicators of compromise (IOCs), allows customers to detect the latest threats with higher fidelity and accuracy and enhance the effectiveness and efficiency of their response activities."

The move expands Cohesity's strategic partnership with CrowdStrike, a partnership that now has its own website which lists use cases for the new integration:

  • Threat hunting: Integrate threat intelligence feeds from Falcon Adversary Intelligence to identify threats within your Cohesity data with higher fidelity.
  • Forensic analysis and response: Use the latest threat intel feeds to hunt for threats in your backups across data centers and edge locations -- without interruptions from cyber incidents.
  • Data recovery: Use the latest threat intel feeds to identify IOCs before restoration, minimizing the risk of reattack.
  • Threat detection: Speed up threat detection by enriching CrowdStrike Falcon LogScale logs with data security insights on anomalies, sensitive data, and threats within your Cohesity data.

Cohesity said Falcon Adversary Intelligence delivers custom IOCs derived from the automated analysis of threats that reach an organization's endpoints. One bit of functionality highlighted in the announcements is the ability to run threat hunts on backup copies of data, which lets organizations stealthily investigate where the attacker has persistence. The ability to investigate out-of-band helps prevent adversaries from enacting countermeasures, the company said. Because detection occurs on secondary data rather than the host itself, Cohesity's ability to discover IOCs is not impacted by incident containment activities that might isolate hosts and networks.

High-Level Workflow
[Click on image for larger view.] High-Level Workflow (source: Cohesity).

"By implementing Cohesity's clean room design and integrated tooling, customers gain specialized forensic capabilities to analyze malware, investigate breaches, and understand attack vectors without risking contamination of their broader IT environment," the company said in a news release.

"Elevating your organization's threat detection and response is crucial in today's threat environment, especially with AI at the disposal of cyber adversaries," commented Cohesitys CTO Craig Martell, in a statement. "Secondary data estates offer a perfect opportunity for minimizing attackers' advantages and, together with CrowdStrike, our customers can enhance their threat hunting and response and while also automating defenses across their security stack."

For more information, visit the Cohesity site.

About the Author

David Ramel is an editor and writer at Converge 360.

Featured

  •  classroom scene with students gathered around a laptop showing a virtual tour interface

    Discovery Education Announces Spring Lineup of Free Virtual Field Trips

    This Spring, Discovery Education is collaborating with partners such as Warner Bros., DC Comics, National Science Foundation, NBA, and more to present a series of free virtual field trips for K-12 students.

  • glowing padlock shape integrated into a network of interconnected neon-blue lines and digital nodes, set against a soft, blurred geometric background

    3 in 4 Administrators Expect a Security Incident to Impact Their School This Year

    In an annual survey from education identity platform Clever, 74% of administrators admitted that they believe a security incident is likely to impact their school system in the coming year. That's up from 71% who said the same last year.

  • horizontal stack of U.S. dollar bills breaking in half

    ED Abruptly Cancels ESSER Funding Extensions

    The Department of Education has moved to close the door on COVID relief funding for schools, declaring that "extending deadlines for COVID-related grants, which are in fact taxpayer funds, years after the COVID pandemic ended is not consistent with the Department’s priorities and thus not a worthwhile exercise of its discretion."

  • pattern of icons for math and reading, including a pi symbol, calculator, and open book

    HMH Launches Personalized Path Solution

    Adaptive learning company HMH has introduced HMH Personalized Path, a K-8 ELA and math product that combines intervention curriculum, adaptive practice, and assessment for students of all achievement levels.