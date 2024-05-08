CrowdStrike CRWD announced that it has upgraded its Falcon Next-Gen Security Incident and Event Management (SIEM) solution, which now gives it an edge over traditional SIEM products. The company also claims that the newly introduced features will improve the speed, data visualization capability and monitoring performance of the product compared with its alternatives.

The Falcon Next-Generation SIEM unifies data, security and IT, with AI and workflow automation to enhance the capabilities of security teams to stop advanced breaches. This solution will enable AI-Native SOC to search up to 150 times faster, reducing the total cost of ownership by 80% compared with traditional SIEMs.

The enhanced product includes offerings like Charlotte AI for data-based queries and investigations. The integration of Charlotte AI will enable the security analysts to make queries in natural language. The solution also comes with GenAI Promptbook, which answers the most common queries of analysts through default and custom prompts.

The solution also comes with a number of automated features for investigations, threat hunting, data normalization on a common standard, SIEM data on-boarding and incident enrichment.

The solution also features a number of connectors to integrate third-party IT and security data into the unified Falcon platform. Connectors like Microsoft Defender for Cloud and Microsoft Exchange Online can be used as Azure connectors. Similarly, there are connectors for AWS and GCP.

The user interface of the solution, combined with direct access to advanced event search, naming customization and easy integration of threat intelligence, is expected to simplify search processes while reducing hassles for the analysts.

The introduction of new innovation in CrowdStrike’s Falcon Next-Generation SIEM is likely to address the growing demand for cyber security solutions, owing to the rise of advanced data breaches through AI and cloud vulnerabilities.

Organizations across the globe are continuously facing sophisticated cyber threats, making it important for them to safeguard endpoints, on-premises IT infrastructure and cloud ecosystem. This presents an opportunity for CRWD to expand its market presence through persistent improvements in its cybersecurity products.

Nevertheless, the company faces short-term challenges triggered by softening IT spending, high interest rates, stretched-out inflation and global geopolitical tension. CRWD is facing direct challenges from the above factors through decreased consumer spending, budgetary cuts among its enterprise customers and delayed finalization of deals.

