CPO Amol Kulkarni: Product Reveal Keynote

Captions
Hi everyone, excited to be here with you today. Thank you for being here, and thank you for being part of the CrowdStrike family. We have a strong lineup of product reviews that I'm excited to share with you in the next few minutes. As George mentioned, we've seen unprecedented change this year due to COVID. Companies are transforming faster than ever before: years of transformation done in months, weeks and even days. And while this is great for productivity and agility, where there is change there is added complexity and a larger attack surface, and all of this increases risk. At the same time, the threat continues to evolve and the adversaries are more active than ever before. Whether you're in the private sector or the public sector, you are in the crosshairs. Additionally, the perimeter has all but disappeared with work from anywhere and the digital transformation, so it's time to transform how we think about security. Transforming these approaches to security also means transforming you, the security professional, and for us innovation is our own brand of transformation. Aside from getting ahead of attackers, our goal always is to make your life easier. As a company full of security professionals, we think that's a great benefit.

All along we've maintained that visibility is the foundation to any effective security solution. If you don't have visibility, you can't know what to secure. You cannot protect what you can't see, and the unknown unknown remains unknown, which means attackers can have a field day. But the key is collecting all of this visibility and presenting it in such a way that you can comprehend and act on it. Too much data can be overwhelming, and it will get in the way of finding and dealing with threats. We don't want to create a bigger haystack where finding the needle becomes even more challenging. So it's all about complementing the comprehensive visibility with actionable insights that enable you to react to that threat rapidly. Critical to alert prioritization is threat intel, which is incorporated pervasively throughout the Falcon platform. We also continue to rapidly innovate on our industry-leading experience, aggregating alerts into incidents, enabling you to streamline your SOC workflow so that you can focus on the most critical threats. Before we jump into some announcements, I'm pleased to welcome back Steve Schmidt, CISO of Amazon Web Services, to share what he thinks is most critical in a security platform.

All, thanks very much for the introduction. As a chief information security officer for Amazon Web Services, I have a sort of dual role. My job is both to secure AWS itself and our people and the data that we hold, but also to help our customers ensure that they can secure their workloads effectively. From my point of view, the two most important things that we can focus on with tooling are clarity and selectivity. So clarity is something that a lot of people understand from some perhaps older phrases like visibility and auditability. It's the desire of any security organization to understand what's going on in their infrastructure and on their endpoints and servers. Visibility is about being able to see the things that are happening within your network and your infrastructure itself. Auditability is the ability to prove what's happening over time, to be able to keep records of what's changed, etc. But as important as visibility and auditability is selectivity. The reason selectivity is so important is because when you operate a large business, and we have a large business, we've got approximately a million employees around the world and we've got millions and millions and millions of customers of Amazon Web Services who have the exactly the same problem we have: small security staffs of very highly trained individuals who are incredibly hard to hire and retain. So we've got to give them tools that allow them to focus on just what they need to at the exactly the right point in time, and give them all of the data necessary to make a well-reasoned decision about what's going on in their environment and then respond to the changes in the environment around them. And showing them just what's necessary at the right point in time is incredibly difficult. It's one of those things that we really depend on tooling providers to give us: just those gems that we need in order to take the action to protect ourselves, to protect our customers, and for our customers to protect themselves.

As we all know, the world's changing around us right now, and the dynamics of how we interact with computer systems and networks is changing as well, as we work more from home, as people work more independently from each other. And this example of that that we think is most instructive is the movement of people from on-premises computing environments or in-office computing environments into the cloud. We always expected businesses to move rapidly from their on-premises environment into the cloud, principally because of the agility benefits that they gain and the pricing benefits that they gain, cost differentials. What we didn't expect was the kind of impact that an event like COVID-19 would have on the movement of the cloud. We've seen people move much, much more rapidly than we had anticipated before, but at the same time they have to focus on control of their data and the security of their information and infrastructure.

A really important part of that that I want to sort of close with is the idea of scatter of responsibility. When we were doing selection for security products, one of the things we looked at is: was there one agent that we could focus on and ensure that we got exactly correct? When you've got lots and lots of control pieces in an infrastructure, it is much easier to get something wrong, to forget about something, to make a bad decision at one point, whereas with one agent we had a much higher likelihood of getting it right. So everybody out there who's listening to this, I want to give you props for the work that you do every day. We stand in your shoes at AWS, and we understand the difficulties that you've got in ensuring that you can help protect the assets you're responsible for. It's been doubly hard doing the work in this kind of environment, which is both dynamic and separate from where we usually are used to, but we're all making awesome progress, and it's really impressive to see the gains that people have made despite the challenges they've faced. Thanks very much for chatting today, everybody. I really enjoyed it. Hope you have a great day. Amol, back to you.

Thank you, Steve. What he said there is critical. Having that selectivity in information that is surfaced up to the analyst is perfectly aligned with CrowdStrike's vision of reducing alert fatigue. Today we are excited to introduce numerous products and capabilities that broaden and deepen our Falcon platform, broaden and deepen your security, and are key to the continued transformation of our industry and all of us as security professionals. All of these announcements are designed to help you deal with that increased complexity and attack surface by providing you with comprehensive visibility and protection across workloads, but while continuing to simplify your SOC workflow. Let's go over these one by one.

Today cloud security is a key risk area due to the digital transformation. Compliance and hygiene for cloud have been checkbox features for a long time, but just doing these checkbox features doesn't give you true security. That's because scanning-based compliance is always out of date, especially in the DevOps world where the cloud teams are moving very fast, and with that DevOps velocity comes an expanded attack surface, because misconfigurations are the leading cause of successful breaches in cloud workloads. Today I'm excited to launch a new module, CrowdStrike Falcon Horizon, that will provide predictive management of your cloud security posture. Falcon Horizon helps SOC teams focus on critical misconfiguration and alerts and selectively choose what threats deserve their attention. At CrowdStrike we run one of the largest cloud services in the world, and we have worked hard to keep it secure. Now we are taking the learnings from securing our own infrastructure, making them available to you through Falcon Horizon. Analyzing and filling the holes in cloud security posture is paramount and is Falcon Horizon's core, providing you with actionable alerts with specific remediation steps so we can all use the cloud safely. It broadens the approach to security beyond compliance and hygiene by laying the foundation for detecting the unknown unknowns. We want to remove the clutter so that you can focus on the advanced threats. The same visibility-first approach, the same comprehensive behavioral model, is being applied to cloud security. For the first time we are introducing indicators of misconfiguration, IOMs, in addition to cloud-specific indicators of attack, together providing you with a consolidated picture of your cloud assets and what changes you need to make to secure them. Let's take a look at a demo. Joining us from the UK is Ian McShane, VP of product marketing.

Falcon Horizon leverages CrowdStrike's cloud expertise to help organizations identify security issues and indicators of misconfiguration across their own cloud environments. To help CrowdStrike customers easily adopt and enforce best practices, we have developed policies for various cloud services, all of which can be monitored and reported on directly from the Falcon user interface. Organizations can assign a custom severity, enable the policies that apply to their specific environment, and they can schedule when the resulting scan should take place. This dashboard presents an overview of the most recent findings across all of the registered cloud accounts. In addition to breakdowns by severity, by service, by region and by account, the dashboard reports trends for each service. This visualization helps organizations quickly track improvements over time. Each chart also provides visibility into the supporting details. For example, selecting a specific policy presents a list of findings that can be exported, and the Falcon user interface contains the specific remediation steps to help drive improvements and streamline security across multi-cloud environments.

Thanks, Ian. Isn't that cool? Next, let's talk about IT and security operations. With our detection, response and prevention capabilities, we've already tackled the lion's share of what security teams do day in and day out: understanding threats, reacting to them, triaging them and remediating them. All of this is very much self-contained and smooth, with low overhead, in Falcon today. But many times after you remediate an attack you may want to do a full forensic investigation. To do that today you have to use different tools, requiring more time, effort and complexity to deploy and manage them than to collect and analyze the artifacts. We want to make all of that super simple for you. I'm pleased to announce another new module added to the Falcon platform, CrowdStrike Falcon Forensics, automating the heavy lifting related to collecting artifacts, uploading them to the cloud, running ETL operations on that data, and providing you with actionable, targeted dashboards and analytics, all without you having to do anything, so that you can focus your precious time and energy on deeper analysis. The cool part is Falcon Forensics will use the same technology that our leading-edge services team uses when they perform incident response. The Falcon Forensics collector can be distributed seamlessly, either through real-time response across your entire estate or on a particular machine where a detection may have happened. This collector dissolves itself after it completes its work, leaving no additional trace on your systems. We truly believe Falcon Forensics will be a force multiplier, removing the repetitive manual work that has been the bane of forensics for a very long time.

In addition to forensics, I'm also excited to announce the expansion of Falcon Spotlight, our vulnerability management product, to cover Linux. Currently Falcon Spotlight covers managed Windows devices. We are now expanding it to cover both operating system and application vulnerabilities on Linux. Our unique differentiators for Spotlight are the continuous, scanless, real-time visibility and the actionable prioritization based on what is happening within your environment as well as what is happening globally that may be targeting your region or your industry. Now you can apply that same approach to your Linux servers, your cloud instances, any host that's running Linux.

Coming to the endpoint security side, we are constantly focused on improving the visibility and detection capabilities for every new attack vector. Adversaries are now starting to look at kernels and firmware to attack the supply chain, hiding in parts of the machine that have traditionally been invisible to the security tools. When you use legacy tools, you cannot get rid of problems that infect the kernel or tamper with the firmware. CrowdStrike kernel exploit detection and prevention not only looks at malicious drivers but also looks at the behavior from these drivers and blocks abnormal behavior in real time. Think of this as kernel-level indicators of attack. This is the first time in the industry where we are applying behavioral analysis to kernel activity. In addition, you want to be able to look at what firmware is running on your devices and compare it across the CrowdStrike community. If you find firmware on your systems that's unique, you may have a problem. So we are also providing a dashboard that looks at the firmware hashes, compares them to known good firmware hashes from Dell for Windows and Apple for macOS, as part of CrowdStrike Falcon Discover: unique capabilities that provide you the deep understanding so you can tackle the deepest threats. Here's Ian to give us another demo.

Malware, and in particular ransomware, is increasingly using sophisticated attack chains to bypass traditional AV and to execute successfully. For example, the RobbinHood ransomware was recently updated to load and exploit a legitimately signed driver as a mechanism to achieve kernel code execution. With this seemingly legitimate driver in place, the malware can successfully encrypt the file system and presents the user with the ransom note. In the Falcon user interface we get the confirmation that CrowdStrike was able to detect that attack. Not only does our machine learning correctly identify the ransomware, Falcon also reports a kernel-level detection for defense evasion. Recently CrowdStrike added a new malware prevention option to combat this type of attack. Blocking the execution of suspicious kernel drivers ensures organizations are protected from those drivers found to be malicious by CrowdStrike. Looking back at our managed system, we can now attempt to run the same attack. This time the attack fails and the files are not encrypted. The most recent event confirms that CrowdStrike blocked the operation to start a malicious driver and protected the host from this sophisticated ransomware attack.

And finally, let's talk about threat intel. I mean, we've been talking about threat intel all along. As I said, it's pervasive across the platform, but let's talk about the specific offerings. Today attackers are continuing to use deep, dark places where they sell stolen data, trade secrets, and sell access to your network. They want to monetize you any way they can, and it's hidden away from public web search. There are thousands of these sites, and you can't spend the time and effort to monitor them all because they are very dynamic; they keep springing up and shutting down. Now CrowdStrike is going to do the work for you. I'm pleased to announce CrowdStrike's new situational awareness module. CrowdStrike will search and index the hidden web and provide you with savable searches over the deep and dark web, similar to Google search alerts that you use for the public web. You can then proactively use this information to get ahead of potential problems and understand threats and trends from the attacker's point of view, all of this without you having to do any work, again with the CrowdStrike platform automating all this, indexing it for you, diving deep into the darkest portions of the web so you can sleep peacefully. Let's look at another demo, Ian.

The new intel dashboard includes a universal search feature, giving users quick access to CrowdStrike's proprietary threat intelligence information using a simple keyword or indicator. To demonstrate, we will search for the keyword tadal to learn more about this Chinese nation-state malware. In addition to actor attribution and CrowdStrike intelligence reports, there are also situational awareness results. Drilling down on situational awareness provides an overview of any reference to tador from a variety of monitored sources. We are presented with information on the source and user, along with a count of replies to each post. Directly from this screen we can open the post to learn more. Each result is presented in the native language as it appeared to help preserve the original meaning. However, CrowdStrike has also incorporated a translate option that includes a hacker slang dictionary to make the intelligence information even more accessible. CrowdStrike's expertise in threat intelligence combined with situational awareness fuels these dashboards and publications, helping our customers be less reactive and more proactive.

We are excited about all of our new releases, and I hope you all are too. Across IT and security operations, threat intel, cloud security and endpoint security, here is our updated platform with all of these new modules: the broadest and deepest security platform in the world, with 14 modules in addition to the rich ecosystem offered through the CrowdStrike Store. We are continuously expanding the depth and the breadth of the platform to help improve your security posture, help you increase the agility with which you react to new threats, to stay ahead of adversaries, to predict where they will strike and make sure they fail, to make sure that the breach is stopped. We want you to sleep well at night, have normal weekends and evenings with your family, knowing full well that your entire estate is protected by the best security platform on the planet, CrowdStrike Falcon. Thank you.
Info
Channel: CrowdStrike
Views: 1,302
Rating: 5 out of 5
Keywords: CrowdStrike, cyber security, cybersecurity, cyber intrusion, endpoint protection, endpoint security, Fal.Con, Fal.Con 2020, Amol Kulkarni
Id: iX8t-LofZUY
Length: 22min 26sec (1346 seconds)
Published: Tue Nov 10 2020