Netskope PartnersCrowdstrike

Netskope + Crowdstrike

Share threat intelligence and investigation artifacts to unite endpoint and cloud security and access.

play

Cloud-enabled threats increasingly attacking endpoints

The increasing use of apps and cloud services and the ability to access them from any device makes cloud and endpoint critical points for security. Today, 61% of malware downloads are cloud-enabled, mainly from cloud storage. Netskope and CrowdStrike together create a defense-in- breadth solution, extending advanced threat detection across endpoints, and into apps, cloud services and web traffic.

The enterprise perimeter has dissolved

The increasing use of apps and cloud services, coupled with the ability to access them from anywhere and from any device, has dissolved the traditional enterprise perimeter. Organizations are increasingly viewing cloud activity and endpoints as the most critical control points. Netskope provides comprehensive visibility and control of web, apps, and cloud services, including advanced, multi- layered threat protection including for cloud-enabled threats and cloud phishing. CrowdStrike’s cloud native Falcon Platform stops breaches by leveraging next-generation antivirus, endpoint detection and response, and threat intelligence.

Together, Netskope and CrowdStrike deliver a comprehensive view of threats across web, cloud, and endpoints and work together to respond more quickly and effectively to those threats. By sharing threat intelligence and investigation artifacts Netskope and CrowdStrike can ensure newly discovered threats are quickly identified, endpoints protected, and the threat neutralized across the organization. Additionally, Netskope is able to identify those endpoint devices that are secured by CrowdStrike and granularly control cloud access and activities of any endpoints where the CrowdStrike agent is not installed.

Netskope + Crowdstrike Use Cases

Indicators of compromise exchanged between cloud and endpoint

The CrowdStrike Falcon Endpoint Protection Platform binds seamlessly with Netskope’s cloud-native threat protection engine and shares detected IOCs to bolster Netskope’s already-robust malware detection.

Together CrowdStrike and Netskope’s enhanced capability provides joint customers with increased real-time, actionable threat forensics and enhanced malware protection on both endpoint and in the cloud. Netskope can enrich CrowdStrike by sharing data on new cloud-enabled threats discovered within apps, cloud services, and from websites visited by endpoints. In return, CrowdStrike can leverage this data to provide Netskope with details of endpoints which may already be compromised by the threat.

visibility icon

Closed-loop remediation between cloud and endpoints

Netskope is able to detect and remediate threats, such as malware, being submitted or residing within cloud services. To close the loop for newly discovered cloud threats, Netskope integrates with CrowdStrike to drive discovery and prevention across an organization’s endpoints. When new malware is discovered in the cloud, Netskope is able to pass the malicious file hash to CrowdStrike and based on this file hash CrowdStrike can alert on affected endpoints and/or prevent the malicious file from executing.

protect anywhere protect anywhere

Adaptive access control based on endpoint security posture

A key benefit of cloud services is the ability to access them from anywhere and from any device. However, unfettered access to unsanctioned cloud services (Shadow IT) is often a vector for malware or more advanced threats to enter an organization. To address this, Netskope provides device classification capabilities that enable the identification of processes running on devices accessing cloud services. Netskope is able to evaluate if the CrowdStrike agent processes are running on Windows and macOS endpoints and apply adaptive access control policies based on the result. For example, Netskope can allow uploads to cloud services only from endpoint devices that are secured by CrowdStrike.

The CrowdStrike Falcon Endpoint Protection Platform binds seamlessly with Netskope’s cloud-native threat protection engine and shares detected IOCs to bolster Netskope’s already-robust malware detection.

Together CrowdStrike and Netskope’s enhanced capability provides joint customers with increased real-time, actionable threat forensics and enhanced malware protection on both endpoint and in the cloud. Netskope can enrich CrowdStrike by sharing data on new cloud-enabled threats discovered within apps, cloud services, and from websites visited by endpoints. In return, CrowdStrike can leverage this data to provide Netskope with details of endpoints which may already be compromised by the threat.

×

Netskope is able to detect and remediate threats, such as malware, being submitted or residing within cloud services. To close the loop for newly discovered cloud threats, Netskope integrates with CrowdStrike to drive discovery and prevention across an organization’s endpoints. When new malware is discovered in the cloud, Netskope is able to pass the malicious file hash to CrowdStrike and based on this file hash CrowdStrike can alert on affected endpoints and/or prevent the malicious file from executing.

×

A key benefit of cloud services is the ability to access them from anywhere and from any device. However, unfettered access to unsanctioned cloud services (Shadow IT) is often a vector for malware or more advanced threats to enter an organization. To address this, Netskope provides device classification capabilities that enable the identification of processes running on devices accessing cloud services. Netskope is able to evaluate if the CrowdStrike agent processes are running on Windows and macOS endpoints and apply adaptive access control policies based on the result. For example, Netskope can allow uploads to cloud services only from endpoint devices that are secured by CrowdStrike.

×

Recursos