CrowdStrike has announced the launch of the CrowdStrike Intelligence Exchange Program (CSIX), an initiative that allows vendor partners to access and share threat intelligence to boost the ability to detect and attribute attacks, allows for attack prioritization and provide the end customer with context about the attacks in their environment.
According to Infosecurity, CrowdStrike’s CSIX is launching with six partners contributing information: Agiliance, Centripetal Networks, Check Point Software Technologies, Ltd., General Dynamics Fidelis Cybersecurity Solutions, LogRhythm, ThreatQuotient and ThreatStream.
There are three ways to participate in the program OEM partners can deliver basic attribution to help their customer understand if an attack is targeted or commodity. It queries the CrowdStrike API with supported indicators and/or submits a malware sample receiving attribution information. Or, attribution data can be made available to the OEM partner’s solution to provide context and prioritisation of targeted attacks. Content delivered to the customer includes both adversary name and full profile details, including targeted sectors, exploits used and other trend data, under a license and revenue sharing model.
A third option is for the OEM partner to certify the integration of CrowdStrike Intelligence into its solution for use with joint customers.