CrowdStrike Introduces Humio for Falcon, Redefining Threat Hunting with Unparalleled Scale and Speed

Rhea-AI Summary

CrowdStrike (Nasdaq: CRWD) has launched Humio for Falcon, enhancing data retention for its Falcon telemetry to over a year. This capability allows security teams to analyze vast amounts of enriched data, improving threat hunting and compliance efforts. Humio’s index-free architecture offers sub-second search results, enabling organizations to detect advanced persistent threats quickly. Users like Tuesday Morning have reported savings of approximately $150,000 in their first year of use, showcasing both cost-effectiveness and enhanced investigative capabilities.

Positive

• Extended data retention for Falcon telemetry to over one year enhances threat hunting capabilities.
• Sub-second search results improve the speed of identifying potential threats.
• Cost savings of approximately $150,000 reported by early users.

Negative

• None.

Humio for Falcon provides long-term, cost-effective data retention with powerful index-free search and analysis of enriched security telemetry across enterprise environments

AUSTIN, Texas & SAN FRANCISCO--(BUSINESS WIRE)-- CrowdStrike (Nasdaq: CRWD), a leader in cloud-delivered protection of endpoints, cloud workloads, identity and data, today introduced Humio for Falcon, a new capability that extends data retention of CrowdStrike Falcon telemetry for one year or longer, enhancing threat analytics and threat hunting abilities for organizations while helping them meet compliance requirements.

Humio for Falcon brings together an industry-leading security platform in CrowdStrike Falcon, with the powerful search capabilities of CrowdStrike’s centralized logging offering, Humio. The new capability gives security teams the ability to store security and IT telemetry from the Falcon platform, which is enriched and contextualized across endpoints, workloads and identities to address the challenge of operationalizing the ever-growing volumes of data. Humio for Falcon helps security teams analyze and act on all data – both real-time and historical data – in their environment. With longer data retention due to advanced compression of ingested data, security teams can uncover and detect potential threats within their environments with deep, contextual analytics and sub-second search results at any scale through a modern, index-free architecture.

“While the data available to threat hunters and incident responders grows at an exponential rate, they are routinely forced to reduce the duration they can store this information,” said Michael Sentonas, chief technology officer at CrowdStrike. “Humio for Falcon solves this problem by delivering scalable and cost-effective data retention that enables threat hunters and incident responders to look back and see if and when an adversary was active in an IT environment and reconcile every system they touched. It’s truly a game-changer in the industry.”

Humio for Falcon provides:

• Threat hunting and troubleshooting at unprecedented scale: By retaining Falcon data for extended periods of time, security teams can proactively search and uncover hidden threats in the environment with sub-second speed, remove advanced persistent threats (APTs) by sifting through the data to detect irregularities that might suggest potential malicious behavior and better prioritize and address vulnerabilities before they can be weaponized.
• Longer data retention to help meet compliance requirements and reduce cost: With scalable storage and advanced compression techniques, customers can store and manage Falcon data for one year or longer, based on customer requirements. This wealth of real-time and historical data enables completeness and accuracy of investigation and analysis, resulting in faster threat remediation.
• New user interface (UI) dashboard visualization for fast and custom search: Feature-rich query language and index-free searches allows security teams to run queries on Falcon data and get immediate answers. Get the ability to seamlessly ingest, aggregate and search through massive security and IT telemetry and gain valuable, contextual insights with sub-second latency searches for meeting real-world security requirements, including advanced threat and vulnerability investigations.

“With Humio for Falcon, we were able to save approximately $150,000 in the first year,” said Tom Sipes, director, IT security and compliance at Tuesday Morning. “Also, the ability to save data for an extended time period is critical. When we detect an indicator of compromise, we can go back in time and analyze the entire attack chain to accelerate investigations and pinpoint issues more quickly.”

Additional Resources

• For more information on Humio for Falcon, please visit our blog.
• To watch a Humio for Falcon demo, please visit this page.
• Did you know? Humio can ingest over one petabyte of data per day. Humio was also named “Log Analytics Solution of the Year” by the Data Breakthrough Awards for 2022.

About CrowdStrike

CrowdStrike (Nasdaq: CRWD), a global cybersecurity leader, has redefined modern security with one of the world’s most advanced cloud-native platforms for protecting critical areas of enterprise risk – endpoints and cloud workloads, identity and data.

Powered by the CrowdStrike Security Cloud and world-class AI, the CrowdStrike Falcon® platform leverages real-time indicators of attack, threat intelligence, evolving adversary tradecraft and enriched telemetry from across the enterprise to deliver hyper-accurate detections, automated protection and remediation, elite threat hunting and prioritized observability of vulnerabilities.

Purpose-built in the cloud with a single lightweight-agent architecture, the Falcon platform delivers rapid and scalable deployment, superior protection and performance, reduced complexity and immediate time-to-value.

CrowdStrike: We stop breaches.

Learn more: https://www.crowdstrike.com/
Follow us: Blog | Twitter | LinkedIn | Facebook | Instagram
Start a free trial today: https://www.crowdstrike.com/free-trial-guide/

© 2022 CrowdStrike, Inc. All rights reserved. CrowdStrike, the falcon logo, CrowdStrike Falcon and CrowdStrike Threat Graph are marks owned by CrowdStrike, Inc. and registered with the United States Patent and Trademark Office, and in other countries. CrowdStrike owns other trademarks and service marks, and may use the brands of third parties to identify their products and services.

View source version on businesswire.com: https://www.businesswire.com/news/home/20220606005395/en/

Kevin Benacci

CrowdStrike Corporate Communications

press@crowdstrike.com

Source: CrowdStrike

FAQ

What is Humio for Falcon by CrowdStrike?

Humio for Falcon is a new capability that enhances data retention for CrowdStrike's Falcon telemetry, allowing organizations to store security data for over a year and improve threat analytics.

How does Humio for Falcon benefit security teams?

It enables security teams to conduct threat hunting with enriched data analytics and sub-second search results, improving their ability to detect potential threats.

What cost savings can be expected from using Humio for Falcon?

Early adopters have reported savings of approximately $150,000 in the first year of utilizing Humio for Falcon.

How does Humio for Falcon help meet compliance requirements?

By providing longer data retention and enabling thorough investigations, Humio for Falcon helps organizations meet various compliance requirements effectively.

What architecture does Humio for Falcon utilize?

Humio for Falcon uses an index-free architecture that allows for rapid data ingestion and analysis, offering a modern approach to security telemetry.