sb-nz logo
Story image

Bitglass & CrowdStrike develop agentless ATP defender

18 May 2020

Bitglass and CrowdStrike have partnered up to create a new agentless advanced threat protection (ATP) solution, designed to eliminate security threats across cloud applications and services, as well as corporate and personal devices.

The OEM offering from CrowdStrike leverages deep file inspection and machine learning (ML) to identify malware, as well as other zero-day and known threats.

It works in conjunction with Bitglass’ cloud access security broker (CASB) to remediate threats based on preset policies.

Bitglass states that while cloud applications and bring your own device (BYOD) policies in workplaces can offer more flexibility, they can also serve as ‘proliferation’ points for malware if they are not properly secured.

“Once malware makes its way into a cloud app, it can quickly spread into connected apps as well as into users’ devices,” explains Bitglass chief technology officer and cofounder Anurag Kahol.

“Consequently, organisations need a multi-faceted solution that can automatically block malware both at rest and in transit. If they wait for IT teams to review and respond to threat notifications, it’s often too late.”

Bitglass explains that its CASB leverages agentless inline proxies to monitor and mediate traffic between cloud applications and devices to enforce granular security policies on data in transit. 

The CrowdStrike integration can identify and block malware in real time as infected files are uploaded to cloud applications or downloaded onto devices (even personal devices) --without the need for software installations.

Application programming interfaces (APIs) also allow for malware detection and quarantine already at rest in the cloud.

“A successful security strategy lies in the ability to quickly detect, respond and remediate threat activity,” says CrowdStrike chief scientist Sven Kasser.

“By incorporating our machine learning file-scan engine, which is trained leveraging the three trillion endpoint-related events processed weekly by the Falcon Platform, with Bitglass’ agentless architecture, customers gain comprehensive, real-time protection and control over corporate data across all endpoints with reduced risk of exposure.”

Bitglass states that the integrated solution is fully deployed in the cloud and is completely agentless--requiring no hardware appliances or software installations and ensuring rapid deployment. 

Additionally, Bitglass’ Polyscale architecture is able to scale and adapts to an enterprise’s needs on the fly. The company states that there is no need for backhauling or bottleneck architectures.

“We’re proud to leverage CrowdStrike’s industry-leading technology to deliver a robust cloud ATP solution that stops threats and empowers enterprises to embrace the cloud applications and BYOD policies that spur innovation and productivity,” concludes Kahol.