CrowdStrike announced Humio for Falcon, a new capability that extends the data retention of CrowdStrike Falcon telemetry for one year or longer, enhancing threat analytics and threat hunting capabilities for organizations while also helping them meet compliance requirements.
CrowdStrike Falcon’s Humio for Falcon combines an industry-leading security platform with the robust search capabilities of CrowdStrike’s centralized logging service, Humio. To address the problem of operationalizing ever-growing volumes of data, the new feature allows security teams to store security and IT telemetry from the Falcon platform, which is enriched and contextualized across endpoints, workloads, and identities. Humio for Falcon enables security teams to examine and act on all data in their environment, both real-time and historical. Through a modern, index-free architecture, security teams can find and detect possible vulnerabilities within their environments with deep, contextual analytics and sub-second search results at any scale, thanks to enhanced compression of ingested data.
“While the data available to threat hunters and incident responders grows at an exponential rate, they are routinely forced to reduce the duration they can store this information,” said Michael Sentonas, chief technology officer at CrowdStrike. “Humio for Falcon solves this problem by delivering scalable and cost-effective data retention that enables threat hunters and incident responders to look back and see when an adversary was active in an IT environment and reconcile every system they touched. It’s truly a game-changer in the industry.”