- New notification workflows and Real Time Response (RTR) capabilities that help SOCs to streamline incident response.
- User interface enhancements designed to help analysts visualize the relationship between detections and incidents. Customers can view, assign, and update the status of and comment on related detections, CrowdStrike says.
CrowdStrike: MSP and MSSP Partner Strategy
CrowdStrike did not specifically mention whether the new Falcon enhancements are designed for MSP and MSSP (managed security services provider) partners.CrowdStrike itself is software company that offers managed endpoint security and managed threat hunting services. Meanwhile, dozens of cybersecurity and MSSP companies now offer SOC as a Service capabilities to MSPs and channel partners.Still, the CrowdStrike Partner Program includes a service provider focus for MSPs, MSSPs, MDR companies and consulting firms. Moreover, most of CrowdStrike's customer wins are partner-led deals, CEO CEO George Kurtz told Wall Street analysts during a December 2020 earnings call.CrowdStrike Falcon Enhancements: Executive Perspective

“Security teams today are overwhelmed by the expanded attack volume, disparate alert notifications and complex security workflows. CrowdStrike has always focused on improving the efficacy and speed of security operations. These new capabilities enable teams to orient more quickly to the detections and incidents that matter and to handle known situations with automation, reducing workload overhead and alert fatigue. The right teams now get the right information via the right tools with less distractions for faster and more focused triage and response.”




