When it comes to IT security, most organizations are outgunned and undermanned. Not only do the bad guys now include nation states with access to sophisticated IT skills and software, the attacks themselves are becoming more targeted.
The challenge that creates for IT organizations is that they can’t distinguish between garden-variety malware and an attack that is specifically aimed at compromising their intellectual property.
To help IT organizations distinguish among the massive amounts of malware they need to analyze, CrowdStrike today formally launched CrowdStrike Falcon, a Big Data security intelligence cloud service that analyzes attacks in real time.
According to CrowdStrike CEO George Kurtz, targeted attacks known as advanced persistent threats (APTs) may make up a small percentage of the malware an IT organization needs to defend against, but they are the most pernicious.
Kurtz says CrowdStrike Falcon identifies those attacks in real time, giving IT organizations the critical information they need to prioritize which threats to deal with first and then determine which specific assets and vulnerabilities are being targeted by any specific APT.
Falcon accomplishes this by keeping track of the different malware attacks being made and then applying Big Data analytics to associate certain types of attacks with the modus operandi of certain hacker organizations. That knowledge usually gives the IT organization a pretty good idea of what types of assets those hackers are trying to compromise.
Obviously, CrowdStrike Falcon doesn’t do anything to eliminate security threats. But they say to be forewarned is to be forearmed, which in a world characterized by zero-day APT threats is becoming nothing less than indispensable.