By: Owen Dubiel
May 7, 2021
CrowdStrike Zero Trust Power Partnership
Zero trust is a buzzword that gets thrown around a lot in the security industry, and many companies claim to offer an all-in-one solution for it. Essentially, instead of "trust but verify," zero trust is precisely what it sounds like: "trust nothing, authorize first." This article discusses a partnership in which four of the largest, most well-known security brands have banded together to create an all-encompassing zero-trust framework. By collaborating across their platforms, they have achieved recent success in limiting enterprise-level attacks and further establishing a zero-trust network across accounts and endpoints alike. Let's review these four security solutions at a high level to get a sense of how they are currently used and how they interact with each other within this new zero-trust engagement.
CrowdStrike is the leader in endpoint detection and response in the industry. CrowdStrike has direct visibility into all endpoints by monitoring all system processes and piecing together possible malicious strings based on known threats. It only seems right to have them as the focal point in this partnership. CrowdStrike's role in this engagement is to collect threat intelligence from Netskope and Proofpoint to further enrich the activity it sees in endpoint detections. By establishing these connections, CrowdStrike gains visibility into both the email and cloud-related activity associated with its monitored endpoints.
Proofpoint is an industry-leading security solution that safeguards internal email from malicious phishing attacks. Proofpoint also provides DLP (data loss prevention) services to limit further spread and compromise of affected accounts. Proofpoint will take the threat data generated by CrowdStrike to further enrich its findings and apply the same security policies that are enforced within Okta for internal users. These additional vectors will help Proofpoint refine its monitoring to isolate genuine phishing emails sent to the internal domain.
Okta is a world-renowned authentication platform that handles the enforcement of multi-factor authentication, security policies, and access control policies. Okta shares its policy-enforcement rules with Proofpoint and Netskope to help these two platforms distinguish what is allowed from what is prohibited in the organization. These policies are critical in reducing false-positive events and establishing a baseline of regular activity. The great thing about Okta is that, ideally, everything authorized to access a company's resources must pass through Okta to proceed. By sharing its policies with partnering solutions, enterprises can thwart the spread of malware and unauthorized access to resources globally.
Netskope is a CASB (Cloud Access Security Broker) that monitors cloud resources that are not hosted or controlled by the enterprise. Netskope benefits in two ways from this partnership. First, it can share access policies for managed apps with Okta. This allows Netskope to appropriately triage which cloud technology the business has approved and which might be unmanaged or considered shadow IT. Second, CrowdStrike shares its threat intelligence data to enrich the activity displayed, along with additional data, such as device lists and access controls, to further sync up across the enterprise.
This four-way partnership is truly a first step toward achieving full zero trust on a network. By combining these companies' already established technologies, enterprises can achieve excellent synchronization across accounts, complete visibility, and tightened security policy controls across the board. We hope to see more companies come together to take full advantage of each other's technologies to strengthen the industry as a whole. To learn more about how zero-trust networks function, or to understand more specifics about some of the security solutions discussed in this article, head over to Cybrary's website to read insights articles or subscribe to an in-depth training course today.