Organizations need to stay ahead of the ever-evolving security landscape. It’s no secret that Zero Trust security is crucial for successful endpoint protection. Due to the rapid transition to a remote workforce and shift from the traditional data center into dynamic cloud infrastructure we’ve witnessed in the last year, more and more companies are finding the need to accelerate their digital transformation to keep pace with the expanding threat surface.
Zero Trust Is Not Optional
These rapid changes in the work environment have made it very important to shift from the traditional security “trust but verify” model to the Zero Trust model of “never trust, always verify.” Zero Trust requires all users, whether in or outside of the organization’s network, to be authenticated, authorized and continuously validated for security configuration and posture before being granted access to applications and data.
In fact, 90% of organizations surveyed in July 2021 indicated that they have embarked on their Zero Trust journey, but only 33% of them reported that they were in the implementation phase.
How CrowdStrike Falcon Zero Trust Assessment (ZTA) Helps
CrowdStrike Falcon Zero Trust Assessment (ZTA) expands Zero Trust beyond authentication to enable detection, alerting and enforcement of conditional access based on device health and compliance checks to mitigate risks. With expanded support for macOS and Linux, Falcon ZTA provides visibility into all endpoints running across all operating platforms in an organization. Falcon ZTA monitors over 120 different unique endpoint settings, including sensor health, applied CrowdStrike policies and native operating system (OS) security settings. Customers receive actionable reports via the CrowdStrike Falcon® console and APIs to ensure that the highest degree of device security is enforced.
Zero Trust Is Not a One-stop Solution
Zero Trust is a journey that should cover the important entities — your endpoints, identities and workloads — to maximize protection.
The continued expansion of the CrowdStrike Zero Trust partner ecosystem provides customers with a broad range of options that integrate with their existing security stack to ensure continuous and dynamic device posture assessment regardless of location, network or user.
CrowdStrike’s continued expansion of Zero Trust solutions within our partner ecosystem allows companies to find solutions that integrate with their existing solution stack to ensure continuous and dynamic device posture assessment. Our recently announced partners offer a broad range of solutions, so customers have options to select one that supports their specific needs. These Zero Trust integrations provide solutions that give customers the flexibility to set alerts or block access to data, at the IP or application.
- Airgap: Airgap’s integration with Falcon ZTA allows customers to reduce their enterprise attack surface and prevent lateral movement across the organization. Customers can leverage a consolidated SaaS management console to configure, manage and update their network access policies based on a device posture and health score provided through Falcon ZTA. Customers can leverage this to prioritize monitoring network traffic using Airgap’s intuitive, easy-to-use interface. In addition, customers can automate highly customized responses to suspected malicious activity across their network through the Airgap interface to CrowdStrike’s endpoint detection and response (EDR) solutions.
- Appgate: With Appgate SDP and Falcon ZTA, customers can achieve intelligence-aware Zero Trust access to anywhere from anywhere. Using the Falcon ZTA built into the Falcon platform, Appgate SDP can enrich and dynamically adapt secure access entitlements dynamically and continuously to reduce risk. Joint customers can improve security by dynamically restricting access to risky endpoints or users, even during an established session, based on real-time risk detections and indicators of compromise.
- CyberArk: The integration between the CyberArk Identity Security Platform and Falcon ZTA gives clients the ability to identify and block out-of-compliance endpoints from connecting to an organization’s IT estate. The Falcon ZTA agent scans the endpoints and provides three scores (overall, OS, sensor_config) that are retrieved at the time of access. The integration allows for the admin to configure a certain threshold that will allow or deny user access to corporate IT resources based on the score returned from the Falcon ZTA API. When a privileged user attempts to connect to an endpoint, CyberArk confirms the Falcon ZTA score, and if it exceeds a certain threshold, their access is denied.
- TruU: TruU and CrowdStrike have teamed up to combine Falcon ZTA with the TruIdentity Cloud continuous authentication risk engine to provide a comprehensive, best-in-class Zero Trust solution. The combination of device and identity risk allows customers to implement intelligent real-time policies that respond to potential threats by stepping up identity verification on compromised endpoints and limiting access to high-value assets from these endpoints.
- Twingate: Twingate combined with the Falcon ZTA solution mitigates an organization’s risk from compromised devices through the enforcement of dynamic conditional access based on device health and compliance checks. Every endpoint and user is authenticated and authorized based on user identity as well as the endpoint device’s security posture and risk level before access to sensitive data and corporate assets is granted. This is applied to actual user devices and services that DevOps is running as part of their CI/CD workflows. This integration allows DevSecOps administrators to make more informed decisions on whether access requests should be authorized by leveraging the device risk score returned from the Falcon ZTA API and to configure in Twingate the minimum score thresholds per device.
These new integrations expand our Zero Trust partner ecosystem beyond the already existing partner integrations with Google Cloud, Netskope and Okta to integrate CrowdStrike Falcon ZTA natively in their products, streamlining operations and simplifying management. CrowdStrike’s continued expansion of Zero Trust integrations offers solutions with key technologies to ensure organizations are protected against modern and evolving threats against multiple attack vectors by securing all hardware and digital assets. Through these technology alliances, customers can maximize Zero Trust coverage across hybrid enterprises and stop breaches in real time.