Beyond Identity and CrowdStrike: the Foundation of Zero Trust Security


Hello, everybody. I'm Kurt Johnson, Chief Strategy Officer at Beyond Identity. And I'm here to talk to you today about an exciting partnership and integration we've built with one of the leaders in enterprise or endpoint detection and response, CrowdStrike, and how the combination of our solutions can help customers on the journey to zero trust, providing the highest level of assurance and confidence around who and what is gaining access.

Hopefully, you're familiar by now with Beyond Identity and our passwordless unphishable authentication platform. Beyond Identity built this platform to truly help organizations running the Beyond Identity authenticator on their device to understand who and what is gaining access by cryptographically binding identity and device together to provide high degrees of confidence that you know who that individual is, you know the device that's cryptographically bound to them, but also checking the device security posture in order to provide access via leading identity providers IDP platforms and SSO vendors, even PAM vendors, to the variety of applications that their end users are accessing on a day in and day out basis.

Providing primary form of authentication and step-up multi-factor authentication, validating who and what is gaining access. These are critical ingredients to really help an organization assess the risk and understand who's gaining access. And through the relationship with CrowdStrike, we've enabled the ability of taking that a step further. With CrowdStrike, we've incorporated the opportunity for their leading endpoint security analytics, looking at the risk of these devices, the vulnerabilities that exist on these devices, and pulling that into the point of authentication.

What that provides is that we've taken endpoint detection and response and added protection. So, we understand the risk assessment and signals of that device and add that to the capabilities of what we're doing to provide even higher degrees of who and what is gaining access. First and foremost, we're looking for the presence of the CrowdStrike Falcon sensor on that device. When that user authenticates, we validate that that sensor is on that device, that it's configured appropriately prior to providing access to the various resources that the end user is trying to access.

And we've taken that even a step further to truly assess the risk signals. CrowdStrike's developed the concept of a zero trust assessment score, which takes the variety of factors that they are gathering and actually assembles that into a score, that this is a 70 out of 100. And what Beyond Identity has done is incorporated that into our policy engine to say, if it exceeds 70, provide access. If it doesn't meet that ZTA score, then deny access, giving organizations even higher degrees of confidence around the device and what is happening on that device at the point of authentication.

And then finally, we can even go one step further around the whole notion of continuous authentication critical on the journey to zero trust. That we can be assessing this on an ongoing basis, both with CrowdStrike running continuous signals, as well as our own. And if anything changes on that device, we can immediately signal CrowdStrike that there has been a change on that device and CrowdStrike can then quarantine that device.

So, it no longer has access to these resources requiring re-authentication by Beyond Identity before enabling that user to get back. And we will not accept authentication unless whatever change is brought back within policy. So together, CrowdStrike and Beyond Identity providing the essential ingredients and foundation for zero trust to truly understand and assess who and what is gaining access to your most critical resources. Thank you.