Introducing CrowdStream: A New Native CrowdStrike Falcon Platform Capability Powered by Cribl

April 24, 2023

We’re excited to announce an expanded partnership with CrowdStrike and introduce CrowdStream, a powerful new native platform capability that enables customers to seamlessly connect any data source to the CrowdStrike Falcon platform.

Since our founding in 2018, Cribl has been on a mission to unlock the value of all observability data and give customers the power to choose how they collect, route, and transform their observability, security, and telemetry data. Our suite of products provides the freedom and flexibility that customers need to make the best choices for their organization, without being locked into a particular vendor or technology stack. With Cribl, customers have full control over their data, including where it comes from, how it’s formatted, and where it’s sent. This functionality enables IT and security teams to make better decisions, optimize their operations, and achieve their business goals with confidence while controlling costs.

Powered by Cribl’s open observability technology, CrowdStream transforms the way customers collect and manage their data, giving them the ability to easily access and analyze data from any security, IT operations, or analytics source and send it to the CrowdStrike Falcon LogScale datastore. With CrowdStream, customers can eliminate data silos, streamline operations, and address complex challenges related to XDR, log management, and AI-based analytics.

Benefits of CrowdStream for CrowdStrike Customers

CrowdStream Powered by Cribl

CrowdStream is a game-changer for organizations looking to unify their IT and security data. This new native platform capability connects any data source directly to the CrowdStrike Falcon platform, accelerating the adoption of holistic XDR and log management. By sitting between data sources and their destination, CrowdStream provides an elegant solution to get data into the Falcon platform and reduce the cost of traditional approaches to observability and log management.

With CrowdStream, organizations can join data across silos and achieve real-time visibility at petabyte scale. This powerful capability allows customers to easily connect and route data from any source into CrowdStrike Falcon LogScale, enabling holistic XDR and log management. Customers can also centralize their data within the Falcon platform for AI-powered insights and near-instant search, making it easier to eliminate threats, run deep analytics, and hunt for adversaries.

In addition to providing significant value to customers, CrowdStream also helps to reduce costs associated with SIEM and log management. By sending only the right data to Falcon LogScale, CrowdStrike customers can save on infrastructure and licensing costs. For example, a large financial institution was able to save at least $5 million over three years by effectively routing data to LogScale. With CrowdStream, customers can achieve similar savings and optimize their operations for success.

“Cribl is a proud CrowdStrike Falcon Fund partner, as we were one of CrowdStrike’s first investments. We see this expanded strategic partnership with CrowdStrike as another step to solving the massive data problem that cybersecurity teams face today,” said Abby Strong, senior vice president, customer experience and marketing, Cribl. “By making the process of data collection for the CrowdStrike Falcon platform easier, CrowdStream will revolutionize the way that organizations quickly gain value from XDR and log management.”

“Cybersecurity is fundamentally a data problem. Today’s adversary techniques are growing more sophisticated, including the use of initial access, lateral movement, privilege escalation, defense evasion and data extortion. However, organizations are still struggling to effectively and efficiently collect the right data from a variety of security and IT point products they deploy to root out and shut down threats from adversaries,” said Daniel Bernard, chief business officer at CrowdStrike. “For organizations to stay ahead of these threats, it is imperative they have real-time visibility and data at their fingertips. We see the CrowdStream technology as a game-changer that significantly improves our customers’ ability to get the right data, from any source, directly into the CrowdStrike Falcon platform to solve the hardest security and IT challenges in an elegant, cost-effective way.”

CrowdStream will be generally available for CrowdStrike customers by June 2023. To learn more about CrowdStream, check out CrowdStrike’s blog.
