Back to Blog

Pangea Partners with CrowdStrike to Bring Security by Design to Application Builders

Rich Hlavka
Rich Hlavka

As we rapidly expand Pangea’s security intelligence services, we’re extremely excited to announce our new partnership with CrowdStrike! CrowdStrike is a proven leader in the security and threat intelligence space with thousands of worldwide customers using the cloud-native CrowdStrike Falcon® platform alongside CrowdStrike’s talented team of malware and forensics analysts.

The Falcon platform coupled with its expert team continually collects real-time threat intel leveraging more than a trillion events per day from millions of endpoints. In addition, CrowdStrike’s “all source” collection methodology includes extensive honeypots and honeynets to create one of the industry’s best threat intel sources for proactive threat protection. Through our new partnership, developers can now embed this intelligence directly into their code, following the process of “security by design” to thwart security threats, from the design and build phase all the way through to production.

The Pangea and CrowdStrike partnership enables application builders to leverage CrowdStrike’s threat intel expertise and Pangea’s Security Platform as a Service (SPaaS) to embed security directly into their code. This is truly shifting “left of left” by designing security into applications in a fast and secure manner — while also allowing cloud-based applications to be developed better, easier, and faster!

What is Pangea?

Pangea is the world's most comprehensive provider of security services for cloud and mobile app developers, SaaS platform providers, and security operations centers. By making security a core part of every software builder's toolset, Pangea delivers the required security DNA for your organization, reinventing how you deliver a secure customer experience.

Every app these days must deliver basic security capabilities - authentication, authorization, audit logging, secure file exchange, and more. Rather than reinvent the wheel every time, Pangea aims to bring these capabilities to developers and builders in the form of simple, easy-to-integrate API-first services. This allows you to focus on what you do best, while Pangea handles the rest. For a more in depth view read our blog - Introducing Security Platform as a Service.

How Do Pangea and CrowdStrike Work Together?

Through our partnership with CrowdStrike, the dominant leader in endpoint detection and response (EDR) and extended detection and response (XDR) according to the latest Forrester Wave report for EDR, Pangea will provide threat intelligence data via CrowdStrike’s indicators of compromise (IOCs) feed. This threat intel feed leverages the CrowdStrike® Security Cloud to collect and correlate trillions of events per day with data from millions of endpoints across 176 countries and over 30 native languages, and human intelligence across the internet, whether it is the deep and dark web, social media, or more.

CrowdStrike’s IOC’s also give your team the visibility and context to understand how the adversary is operating and behaving by utilizing the Falcon platform’s combination of artificial intelligence, malware correlation, and machine learning to assess trends and behaviors. The data — which currently contains over 190 million indicators updated in real time — is then further analyzed and thoroughly curated to normalize responses delivering meaningful threat visibility.

Further, the indicators in the IOCs feed are enriched with context, including confidence level, attribution, related vulnerabilities, threat type, kill chain, malware family, and target industry.

CrowdStrike data is now integrated into four Pangea services:

File Intel - submit a file hash, or file path, using the SDK, and get back the file’s attributes. File Intel provides a file's disposition for threats that include malware, ransomware, trojan horses, spyware, and adware. Embed File Intel directly into your cloud app to determine if file objects are known to be malicious. Common use cases include:

  • Determining if a file uploaded by a user is known to be malicious before it’s opened or shared with others

  • Integrating File Intel into your SOAR or threat intelligence platform

  • Scanning third party objects in your software build pipeline to identify malicious objects

  • Discovering malicious objects in third party software that you may be utilizing before installing

Domain Intel - Domain Intel can be embedded directly into your application to determine if a domain is malicious. Common use cases include:

  • Detecting malicious domains in forum posts, blogs, chat sessions, social applications, or any other type of user generated content.

  • Blocking a user signing up for your app with an email address that has a malicious domain in it.

  • Checking domain names extracted from suspicious files that have been either statically or dynamically analyzed (i.e. sandbox detonation or runtime behavior analysis).

  • Checking the address of incoming emails to detect and block Business Email Compromise, Phishing, and SPAM email campaigns. This may include one or more of the following, for example:

    • The “From” address (e.g. info@pangea.cloud)

    • The return-path domain (e.g. bounces@pangea.cloud)

    • The DKIM signing domain

    • Any other links, headers, content, and brand assets included in the message

IP Intel - Embed IP Intel and receive a standard verdict that can be interpreted in the API response. Armed with this information, you might choose to immediately block an IP from your environment or validate the user of that IP with multi-factor authentication (MFA).

URL Intel - Embed URL Intel and receive a standard verdict that can be interpreted in the API response. Armed with this information, use cases may include:

  • Redacting the URL from user-provided data, or block the URL in your environment.

  • Detecting malicious domains in forum posts, blogs, chat sessions, social applications, or any other type of user generated content.

This provides intelligence previously only available to the largest enterprise SOCs to developers and offered through a pay-as-you-go pricing model. This Intel can then be incorporated directly into applications so advanced security decisions can be made as the application is used.

Looking ahead to big things

This partnership with CrowdStrike will allow Pangea to provide our customers with unparalleled leadership in threat intelligence while providing an even more comprehensive and effective set of APIs which developers will be able to leverage in a wide variety of powerful and useful ways.

Get updates in your inbox and subscribe to our newsletter

background landmass

We were recognized by Gartner®!

Pangea is a Sample Vendor for Composable Security APIs in the 2024 App Sec Hype Cycle report