Portnox & CrowdStrike team up for real-time access control


Techday NZ, a day ago

Portnox has introduced an integration with CrowdStrike to enable organisations to enforce network access policies using real-time risk intelligence derived from endpoint telemetry.
The integration brings together Portnox's cloud-native Network Access Control (NAC) platform with CrowdStrike's device telemetry and Zero Trust Assessment (ZTA) scoring, allowing organisations to tailor access controls based on continuous device risk evaluation.
Portnox stated that addressing endpoint visibility and risk-based access control is essential to modern cybersecurity, and that the collaboration with CrowdStrike directly supports this goal by aligning endpoint intelligence with network access enforcement.
Denny LeCompte, Chief Executive Officer of Portnox, commented: "In an era where cybersecurity threats are constantly evolving, dynamic, real-time access control is paramount. Our integration with CrowdStrike delivers on this need by empowering organizations to make informed, automated access decisions based on the most current device posture. This partnership significantly fortifies our customers' security posture, enabling them to confidently embrace Zero Trust principles and adapt to an ever-changing risk landscape."
CrowdStrike's Falcon platform is a cloud-delivered solution employing artificial intelligence to provide protection for endpoints, workloads, and identities. It features real-time detection and response, threat intelligence, and behaviour-based protection mechanisms aimed at preventing security breaches.
A distinctive metric offered by CrowdStrike is the ZTA score, which evaluates the risk level of a device based on inputs such as its health, known vulnerabilities, recent threat detections, patterns of user behaviour, and the operational status of the CrowdStrike agent. The score is expressed on a scale from 0 to 100 and allows security teams to determine the appropriate level of network access or whether device remediation is necessary.
Through the integration, Portnox's platform enhances its ability to implement detailed and adaptive access controls without relying on on-premises hardware or complex setups. New capabilities provided by the integration include:
  • Automatic verification of whether a device is managed by the CrowdStrike Falcon agent before granting network access.
  • Incorporation of ZTA scores into policy decision-making, so that only low-risk devices can receive full access, while devices assessed as high-risk may be assigned to guest networks or receive restricted access.
  • Utilisation of real-time CrowdStrike risk signals to reinforce least-privilege models in both corporate and Bring Your Own Device (BYOD) scenarios.
  • Automated network access control policies that adjust to changes in device risk posture as reported by CrowdStrike, with the goal of limiting threats before escalation.
The companies note that this collaborative capability is intended to benefit organisations pursuing Zero Trust architectures, particularly those managing hybrid work environments or BYOD programmes. The system is designed to ensure only trusted and compliant devices connect to corporate networks, blocking unauthorised or insecure devices and helping to maintain ongoing security as threat patterns change.

Related Articles

CrowdStrike & Microsoft unify naming for cyber threat actors

Techday NZ, 4 days ago

CrowdStrike and Microsoft have jointly introduced a new initiative aimed at standardising the way cyber threat actors are identified across the cybersecurity sector. The collaboration has resulted in a shared mapping system, aligning threat actor aliases between the two companies and promoting clarity in cyber threat attribution. Both companies state that this initiative is designed to accelerate threat response and reduce confusion caused by the inconsistent nicknames used for hacker groups among different security vendors.
The cybersecurity industry has historically relied on disparate naming systems, each informed by distinct intelligence sources and analytical approaches. While these systems provide valuable context on adversaries, they can complicate cross-reference and response due to conflicting terminology. This increased complexity has prompted the need for a unified approach to threat actor attribution.
CrowdStrike and Microsoft's joint mapping project serves as a form of 'Rosetta Stone' for cyber threat intelligence, linking adversary identifiers across their respective ecosystems without imposing a single nomenclature. By connecting aliases—such as CrowdStrike's COZY BEAR and Microsoft's Midnight Blizzard, or VANGUARD PANDA and Volt Typhoon—the mapping facilitates quicker and better-coordinated responses to sophisticated adversaries.
According to CrowdStrike, the partners have already reconciled over 80 threat group aliases. The alignment expands to groups linked to major nation-state actors. For example, the companies have confirmed that Microsoft's Volt Typhoon and CrowdStrike's VANGUARD PANDA refer to the same China-nexus actor, while Secret Blizzard and VENOMOUS BEAR designate a Russia-linked group.
Adam Meyers, Head of Counter Adversary Operations at CrowdStrike, commented on the significance of the collaboration. "This is a watershed moment for cybersecurity. Adversaries hide behind both technology and the confusion created by inconsistent naming. As defenders, it's our job to stay ahead and to give security teams clarity on who is targeting them and how to respond. This has been CrowdStrike's mission from day one," Meyers said. "CrowdStrike is the leader in adversary intelligence, and Microsoft brings one of the most valuable data sources on adversary behavior. Together, we're combining strengths to deliver clarity, speed, and confidence to defenders everywhere."
The initial phase of the collaboration involves specialist teams from both companies working together to harmonise adversary naming conventions. The effort has already demonstrated practical value by validating the identities of specific threat actors across the two ecosystems. The companies will seek to expand this initiative, inviting additional contributors to create and maintain a broader threat actor mapping resource accessible to the global cybersecurity community.
Vasu Jakkal, Corporate Vice President for Microsoft Security, emphasised the broader implications for the security sector. "Cybersecurity is a defining challenge of our time, especially in today's AI-driven era," Jakkal said. "Microsoft and CrowdStrike are in ideal positions to help our customers, and the wider defender community accelerate the benefits of actionable threat intelligence. Security is a team sport and when defenders can share and react to information faster it makes a difference in how we protect the world."
The companies note that their collaboration builds on an established history of threat intelligence activity and contributes towards a shared mission: prioritising customer outcomes and sector-wide defence, rather than market competition. The mapping initiative will continue to develop as more partners join to keep the threat actor taxonomy up to date and useful for the defender community.

Check Point to acquire Veriti, boosting threat management suite

Techday NZ, 28-05-2025

Check Point Software Technologies has entered into a definitive agreement to acquire Veriti Cybersecurity, expanding its offering in threat exposure and risk management. The acquisition aims to strengthen Check Point's Infinity Platform with Veriti's automated, multi-vendor platform for pre-emptive threat exposure and mitigation. Veriti is recognised for introducing pre-emptive exposure management that delivers automated remediation of threat exposure risks across more than 70 security vendors, without disrupting ongoing operations.
Nadav Zafrir, Chief Executive Officer at Check Point Software Technologies, said, "The acquisition of Veriti marks a significant step toward realising our hybrid mesh security vision. It strengthens the Infinity Platform's open-garden approach, enabling seamless, multi-vendor remediation across the entire security stack. With Veriti, we're advancing preemptive, prevention-first security – an imperative in today's AI-driven threat landscape."
The announcement addresses the growing challenge of AI-enabled cyber attacks and the complexities brought about by hyperconnected IT environments in modern enterprises. As organisations distribute their assets across clouds, datacentres, and endpoints, the risk of cyber attacks grows due to an expanded attack surface. Traditional reactive security methods are considered inadequate to address these increased risks effectively.
Veriti's platform continuously identifies, prioritises, and remediates risk in multi-vendor security environments through automated patching and collaborative threat intelligence. The company, founded in 2021, has pioneered the Preemptive Exposure Management (PEM) category by actively discovering and mitigating risks that can be hidden in gaps between disparate security tools. The technology continuously monitors logs, threat indicators, and vulnerabilities present in an organisation's environment, and then coordinates protections in real time. Its integrations cover more than 70 security vendors, enabling security teams to detect and prevent attacks promptly without business disruption.
Veriti's core capabilities to be integrated into the Check Point Infinity Platform include automated, cross-vendor virtual patching, which instantly applies non-disruptive protections based on vulnerabilities identified by security platforms such as CrowdStrike, Tenable, and Rapid7. This approach can reduce patching time from several weeks to a matter of minutes. The platform also enables real-time threat intelligence enforcement by verifying threat indicators from any connected tool, and orchestrating automated protection across firewalls, endpoints, web application firewalls, and cloud platforms. This coordination is designed to improve response times and effectiveness in multi-vendor security scenarios.
An additional aspect of Veriti's offering is its seamless integration with existing environments through an API-based architecture, which does not require software agents or cause operational disruptions. The platform is compatible with more than 70 security vendors and supports a wide ecosystem. Veriti also extends its synergy with Wiz by ingesting Wiz's cloud exposure insights, such as information on unpatched servers or applications, and enables safe, automated virtual patching via Check Point or other vendors' network gateways. The platform's context-aware remediation analyses an organisation's exposures, configurations, and existing protections to apply appropriate controls in a manner that does not impair operations.
Adi Ikan, Chief Executive Officer and co-founder of Veriti, said, "Security teams today suffer from a lack of action: exposures aren't just detected, they're compounding, hiding in the gaps between tools, teams, and timelines." He added, "We founded Veriti to help organisations not just see risk, but remediate it safely, at scale, and most importantly - without disruption." "By joining Check Point, we're accelerating that mission. Together, we'll help organisations reduce their exposure faster through the security tools they already trust."
Upon completion of the transaction, Veriti's capabilities will be incorporated into Check Point's Infinity Platform as part of its Threat Exposure and Risk Management suite. Combined with Check Point's recent External Risk Management solution, Veriti enhances the company's ability to address internal and external exposures across the complete enterprise attack surface. The finalisation of the acquisition is subject to customary closing conditions and is expected by the end of the second quarter of 2025.
