Zero-day ATP in the cloud

Cloud applications and bring your own device (BYOD) policies offer organisations enhanced flexibility and efficiency, but they can also serve as proliferation points for malware if not properly secured. This Original Equipment Manufacturer (OEM) offering from CrowdStrike uses machine learning (ML) and deep file inspection to identify malware and other threats. Together with Bitglass’ Next-Gen Cloud Access Security Broker (CASB), threats are automatically remediated based on preset policies. 

 

Bitglass’ CASB leverages agentless inline proxies to monitor and mediate traffic between cloud applications and devices in order to enforce granular security policies on data in transit. By incorporating CrowdStrike’s detection capabilities directly into Bitglass’ agentless proxy, the integration can identify and block malware in real time as infected files are uploaded to cloud applications or downloaded onto devices (even personal devices) --without the need for software installations. Additionally, integration with application programming interfaces (APIs) allows for the detection and quarantining of malware already at rest in the cloud. 

 

“Once malware makes its way into a cloud app, it can quickly spread into connected apps as well as into users’ devices,” said Anurag Kahol, chief technology officer and co-founder of Bitglass. “Consequently, organisations need a multi-faceted solution that can automatically block malware both at rest and in transit. If they wait for IT teams to review and respond to threat notifications, it’s often too late. We’re proud to leverage CrowdStrike’s industry-leading technology to deliver a robust cloud ATP solution that stops threats and empowers enterprises to embrace the cloud applications and BYOD policies that spur innovation and productivity.”

 

“As a cloud-delivered endpoint protection leader at the forefront of securing organisations from sophisticated tactics, CrowdStrike understands that a successful security strategy lies in the ability to quickly detect, respond and remediate threat activity,” said Dr. Sven Krasser, CrowdStrike’s chief scientist. “By incorporating our machine learning file-scan engine, which is trained leveraging the 3 trillion endpoint-related events processed weekly by the Falcon Platform, with Bitglass’ unique, agentless architecture, customers gain comprehensive, real-time protection and control over corporate data across all endpoints with reduced risk of exposure.”    

 

The solution is fully deployed in the cloud and is completely agentless--requiring no hardware appliances or software installations and ensuring rapid deployment. Additionally, Bitglass’ Polyscale Architecture scales and adapts to an enterprise's exact needs on the fly. There is no need for backhauling or bottleneck architectures.