Dell, CrowdStrike Co-Engineer MDR For PowerProtect Storage
‘This is a joint partnership, meaning our engineering team and our security operations teams sitting together with CrowdStrike’s engineering and with their security operations team. We’ve jointly worked together over the past few months to figure out what information to mine,’ Dell’s Mihir Maniar tells CRN.
Dell Technologies and CrowdStrike have co-engineered new MDR capabilities for Dell’s PowerProtect storage, giving it 64 indicators of compromise and around-the-clock monitoring for threats inside the backup storage device, Dell’s Mihir Maniar, vice president of infrastructure, edge and security services portfolio, told CRN.
“Secondary storage is what attackers are after,” Maniar said. “Because if you target the secondary storage, the backup storage portfolio, then it becomes hard for customers to recover, right? You can’t recover from your attack, for instance, if that becomes corrupted. And you cannot go and put an agent on that, like on a PC or on a server.”
The answer for Dell was to leverage CrowdStrike’s next-generation SIEM, which allows Dell to export the proprietary logs coming from Dell’s data protection systems into the SIEM, which can reveal up to 64 indicators of compromise based on the MITRE ATT&CK framework.
“The key thing is this is a big industry gap that backup systems are being attacked. Recovery is critical. There’s no 24x7 continuous monitoring. And so we expanded our MDR leading service with CrowdStrike to kind of build this out jointly,” Maniar said. “That’s available for direct as well as for partners across 75 countries. Those partners could be CrowdStrike or Dell. Either or.”
Dell and CrowdStrike unveiled their partnership around an MDR product last year and have spent the past several months developing products together.
Daniel Bernard, chief business officer at CrowdStrike, told CRN that the work the two companies did to bring this to market with CrowdStrike’s next-gen SIEM underpinning the technology validates their strategy.
“We’re really proud of the work that Dell’s done here and that we’ve done together to create a bespoke offering in the market,” he told CRN. “The entire market is waking up and saying, ‘Where am I going with my SIEM? Do I have the right technology?’ And this is just another validation point and example of why the consolidation is happening on the Falcon platform.”
Maniar said the teams used the intelligence gathered through the interactions that Dell’s security operations team has had with more than 20,000 customers to understand what is happening inside the systems when attacks are carried out and where attackers are likely to strike.
“So we’ve used our intelligence together with CrowdStrike intelligence to figure out what are those indicators of compromise to build based on the log data,” he told CRN. “This is a joint partnership, meaning our engineering team and our security operations teams sitting together with CrowdStrike engineering and with their security operations team. We’ve jointly worked together over the past few months to figure out what information to mine.”
The managed offering is available through Dell and CrowdStrike channel partners exclusively for Dell’s PowerProtect portfolio. The two companies are talking about expanding it to other Dell storage devices in the near future.
“This is why the Falcon platform is unique in the market, the convergence between cybersecurity tooling and data management with what our next-gen SIEM has, and it’s just another way that Dell and CrowdStrike are leading the way together,” Bernard told CRN.