The exchange enables vendor partners to access and share threat intelligence. This threat intelligence continuously improves vendor partnersí ability to detect and attribute attacks, allows for attack prioritization, and provides the end customer with rich context about the attacks in their environment.
CSIX launches with seven industry partners: Agiliance, Centripetal Networks, Check Point Software Technologies, General Dynamics Fidelis Cybersecurity Solutions, LogRhythm, ThreatQuotient, and ThreatStream. Security solution vendors can add rich context and attack prioritization through three go-to-market program options:
- Option 1: CrowdID
- OEM Partner can deliver basic attribution to help their customer understand if an attack is targeted or commodity, free of charge. The OEM Partner queries the CrowdStrike API with supported indicators and/or submits a malware sample receiving attribution information.
- Option 2: Falcon Intelligence - Adversary Profile
- Attribution data is made available to the OEM Partnerís solution to provide rich context and prioritization of targeted attacks. Content delivered to the customer includes both adversary name and full profile details, including targeted sectors, exploits used, and other trend data, under a license and revenue sharing model.
- Option 3: Falcon Intelligence Connect
- CrowdStrike and the OEM Partner certify the integration of CrowdStrike Intelligence to the OEM Partnerís solution for use with joint customers.