CrowdStrike Falcon Fusion Streamlines Security Operation Center with Automated Workflows, Drastically Reducing Threat Response Time and Remediation

SUNNYVALE, Calif.--(BUSINESS WIRE)--CrowdStrike, a leader in cloud-delivered endpoint protection and workload protection, today announced Falcon Fusion, a unified and extensible framework purpose-built on the CrowdStrike Falcon® platform to orchestrate and automate complex workflows improving security operation center (SOC) efficiency. Falcon Fusion leverages the power of the CrowdStrike Security Cloud and relevant contextual insights across endpoints, identities, and workloads, in addition to telemetry from partner applications via the CrowdStrike Store, to improve SOC and IT efficiency and agility for enterprise customers.

With CrowdStrike Falcon Fusion, enterprise customers can meet the 1-10-60 challenge - 1 minute to identify a breach, 10 minutes to investigate, and 60 minutes to remediate – by streamlining incident investigation, response and remediation capabilities with repeatable and consistent workflows, which helps security teams get the right coverage with accuracy and speed. SOC analysts can define real-time active response workflows using an intuitive graphical user interface, along with customizable triggers based on detection and incident categories. This enables SOC teams to dramatically improve the overall efficiency of their workflows, providing them the necessary context to mitigate security risks to their organizations more quickly and effectively than ever.

“Our customers are dealing with expanding attack surfaces across multi-cloud environments and distributed workforces, making it increasingly burdensome for security teams to sift through an ever-growing number of alerts and keep their business secure,” said Amol Kulkarni, chief product officer of CrowdStrike. “We built Falcon Fusion to provide our customers with rich contextual insights and valuable customization to not only meet their immediate needs but also deploy repeatable workflows at scale. Falcon Fusion combines CrowdStrike Security Cloud’s comprehensive visibility across all business entities with the powerful incident response capabilities delivered by the lightweight Falcon agent to automate and simplify complex SOC workflows.”

Key features of Falcon Fusion include:

• Orchestrate and automate complex workflows: Build consistent and customizable workflows using intuitive no-code logic or custom code options for faster active response – all without leaving the console.
• Simplify security operations: Easy-to-use automation of workflows reduces the need to switch between different security tools and tasks and improves the efficiency of security team operations, allowing them to focus on more business critical strategic tasks.
• Accelerate incident triaging and real-time response: Speed-up incident triaging and incident response by configuring custom actions and notifications based on contextual insights from managed workloads and endpoints, resulting in reduced mean time to respond and remediate threats.
• Cut costs and resources: Free up skilled resources and improve cost efficiency by building and scaling workflows on demand employing no-code automation to create repeatable and reliable processes.
• Build powerful open ecosystem: Seamlessly deploy partner applications from the CrowdStrike Store to bring in additional telemetry to enrich their detection and response logic to further enhance security and IT operations.

For more information about Falcon Fusion and CrowdStrike’s announcements at RSA 2021, visit the CrowdStrike blog, and tune in to Amol’s talk at RSA 2021: Sponsor Briefing Modernize your SOC with CrowdStrike Security Cloud.

Forward-Looking Statements

This press release contains forward-looking statements that involve risks and uncertainties, including statements regarding the performance and benefits of CrowdStrike’s Falcon Fusion product. There are a significant number of factors that could cause actual results to differ materially from statements made in this press release.

You should not rely on these forward-looking statements, as actual outcomes and results may differ materially from those anticipated or implied by these forward-looking statements as a result of such risks and uncertainties. All forward-looking statements in this press release are based on information available to us as of the date hereof, and we do not assume any obligation to update the forward-looking statements provided to reflect events that occur or circumstances that exist after the date on which they were made.

About CrowdStrike
CrowdStrike, a global cybersecurity leader, is redefining security for the cloud era with an endpoint and workload protection platform built from the ground up to stop breaches. The CrowdStrike Falcon® platform’s single lightweight-agent architecture leverages cloud-scale artificial intelligence (AI) and offers real-time protection and visibility across the enterprise, preventing attacks on endpoints and workloads on or off the network. Powered by the proprietary CrowdStrike Threat Graph®, CrowdStrike Falcon correlates over 5 trillion endpoint-related events per week in real time from across the globe, fueling one of the world’s most advanced data platforms for security.

With CrowdStrike, customers benefit from better protection, better performance and immediate time-to-value delivered by the cloud-native Falcon platform.

There’s only one thing to remember about CrowdStrike: We stop breaches.

Qualifying organizations can gain full access to Falcon Prevent™ by starting a free trial.

Learn more: https://www.crowdstrike.com/

Follow us: Blog | Twitter

© 2021 CrowdStrike, Inc. All rights reserved. CrowdStrike, the falcon logo, CrowdStrike Falcon and CrowdStrike Threat Graph are marks owned by CrowdStrike, Inc. and registered with the United States Patent and Trademark Office, and in other countries. CrowdStrike owns other trademarks and service marks, and may use the brands of third parties to identify their products and services.