Summary of Services

Provides vCISO and other advisory services to companies that are struggling to fill leadership gaps in their security organization or desire to implement modern security strategies. The following are typical services that David can provide clients on an hourly or retainer basis:

• Virtual/fractional security leadership (vCISO, program/project management, architecture)
• Current state assessments and validation of regulatory compliance against common frameworks
• Analysis of security capabilities to support due diligence for mergers & acquisitions
• Planning & architecture support for upgrades/acquisition of security technologies (on-prem or Cloud) or MSSP services

Saturday, October 16, 2021

News from CrowdStrike Fal.con conference Oct 12 - 14

I virtually attended sessions at the CrowdStrike Fal.con conference this week.  Here are some of the highlights:

  1. They launched their XDR service.  It incorporates their Humio acquisition to provide the SIEM functionality to handle other log sources.  
  2. They've also made a free version of Humio (Community Edition) available.  
  3. They announced their Fusion platform for building and managing SOAR activities.  The demos focused on remediation actions at the endpoint and information gathering to support investigations.
  4. Falcon FileVantage is a new service that uses the Falcon agent for file integrity monitoring (FIM).

Everything is available on demand.  Most of the sessions were scheduled for 30 minutes but didn't always last that long.  The 1-hour workshops typically included 10 minutes of CS platform overview, then a scripted hands-on walkthrough of key capabilities where you had direct access to the CS console.  After the session it was nice to be able to poke around.

If anyone has questions about EDR/MDR/XDR vendor capabilities, please reach out.  I'm helping several companies define requirements and choose a provider that best fits their needs and budgets.