Commvault is the latest data management and protection services vendor to integrate its offering with the CrowdStrike Falcon cybersecurity platform.
The collaboration leverages CrowdStrike’s security data and threat intelligence within the Commvault Cloud, delivering layered threat detection and fast data recovery for joint customers, it is promised.
Earlier this month, Dell announced a security threat and recovery service integration with CrowdStrike for enterprises, as did both Rubrik and Cohesity last year.
“By adding another layer of enriched threat insights from the Falcon platform within Commvault Cloud, organisations can gain faster, more comprehensive visibility to streamline incident response, helping them achieve continuous business, even in the face of sophisticated attacks,” said Commvault.
When CrowdStrike prevents and detects malicious activity or a suspicious event, administrators can view the alert in Commvault Cloud, run Threat Scan to check for threats, and rapidly restore affected data to a previous, known-good state, we are told.
“The average organisation has seen eight cyber incidents in the last year, four of which are considered major. At Commvault, we are committed to empowering businesses with the tools they need to not only safeguard their data, but to enhance their overall cyber resilience,” said Alan Atkinson, chief partner officer, Commvault. “By partnering with CrowdStrike, we are combining our deep expertise in cyber resilience with their advanced threat detection capabilities, empowering our joint customers with faster response times and a stronger cyber resilience posture.”
With the Dell integration, it has expanded its managed detection and response (MDR) services through using CrowdStrike’s Falcon Next-Gen SIEM (security incident and event management) as part of its MDR, to “simplify” threat detection and response with a unified platform, “boosting visibility” and helping to prevent breaches.
The combined package promises to give enterprises visibility into their infrastructure that’s “not possible with off-the-shelf tools”, said the partners.
Dell and CrowdStrike have developed more than 60 unique indicators of compromise (IOCs) tailored specifically for Dell PowerProtect Data Domain and PowerProtect Data Manager. The IOCs are used within Falcon Next-Gen SIEM’s AI-powered detections, ranked by severity, and provide forensics data to Dell security analysts to “accelerate” responses on behalf of customers.
Examples of the IOCs include disabled multi-factor authentication, login from a public IP address, mass data deletion, and multiple failed login attempts.
