Expanded Cybersecurity Partnership with CrowdStrike Further Protects the Public Against Potential Attacks

EAST GREENBUSH, N.Y., AND WASHINGTON, Feb. 8, 2023 – One year after partnering to offer Endpoint Security Services (ESS), the Center for Internet Security, Inc. (CIS®) and CrowdStrike© announced the debut of ESS Spotlight, a new service that leverages the cloud-native power of the CrowdStrike Falcon Platform.

Taking advantage of the CrowdStrike Falcon Spotlight module, the new service brings together endpoint detection and response (EDR) with vulnerability management to provide real-time visibility into vulnerabilities and exposures. As a result, state, local, tribal, and territorial (SLTT) governments, K-12 public schools, and public hospitals across the United States can consolidate key components of their security stacks to reduce costs and increase protection by creating a single view of their vulnerability exposure. 

“On the heels of a successful 2022 launch of CIS ESS, powered by CrowdStrike, we’re excited to expand our partnership to provide vulnerability management in the form of CIS ESS Spotlight,” said Gina Chapman, Executive Vice President & General Manager of Sales and Business Services at CIS. “ESS Spotlight is going to provide security teams with a seamlessly integrated and scan-free approach to managing vulnerabilities at the endpoint-level, and CIS is pleased to be able to provide this added capability at low cost to U.S. state and local government organizations.”

As the technology foundation behind CIS ESS and now CIS Spotlight, CrowdStrike brings its cloud-native, intelligent single-agent platform to protect CIS managed endpoints with next-generation antivirus (NGAV), EDR, and vulnerability management. The combined solution unifies threat and vulnerability management to gain real-time visibility into exposures to proactively reduce risk and prioritize exploited vulnerabilities, enabling defenders to quickly respond to active attacks. ESS Spotlight offers:

  • Real-time, automated assessment: ESS Spotlight continuously monitors the vulnerability status of all endpoints, on or off the organization’s network.
  • Scan-less technology and patch management: No time-consuming scans, no lag time, and real-time data empower security teams to push necessary patches quickly across their environment.
  • Prioritize vulnerabilities to fix based on the likelihood of exploit: Native threat intelligence provides critical context to understand which vulnerabilities are being exploited to prioritize which to fix first.
  • Shortened response time: More visibility means security teams can react more quickly to cyber threats.
  • Complete, simple, and actionable reports: Customized and prioritized dashboard options enhance vulnerability management.

“By expanding our partnership, CIS is enabling SLTT governments, schools, and public hospitals to leverage CrowdStrike Falcon Spotlight alongside ESS to provide real-time visibility into threats and exposures across endpoints, shortening response time and prioritizing the vulnerabilities to remediate first, based on real-time threat intelligence,” said James Yeager, Vice President of public sector and healthcare, CrowdStrike. “CrowdStrike is fiercely committed to protecting the critical areas of risk in the public sector by offering maximum protection with minimal complexity, helping organizations stay ahead of threats, respond to malicious attempts faster, and stop breaches.”

Puerto Rico is among nearly 500 state, local, tribal, and territorial governments adding ESS protection in the past year.

“Our office can now detect and block more cybersecurity threats than ever,” said Nanette Martinez Ortiz, Chief Innovation and Information Officer for the Government of Puerto Rico. “From May 2022 to date with the CIS’s Endpoint Security Services alone, we have been able to detect and mitigate over 3,900 attacks, showing a significant improvement in the Government of Puerto Rico’s cybersecurity posture.”

To learn more about ESS and ESS Spotlight, visit our website.

To speak with the Center for Internet Security about the impact of ESS on state and local government organizations and K-12 schools, please contact CIS Media Relations Manager Kelly Wyland at [email protected] or call/text 518-256-6978.


Previous news stories on ESS:






About CIS

The Center for Internet Security, Inc. (CIS®) makes the connected world a safer place for people, businesses, and governments through our core competencies of collaboration and innovation. We are a community-driven nonprofit, responsible for the CIS Critical Security Controls® and CIS Benchmarks, globally recognized best practices for securing IT systems and data. We lead a global community of IT professionals to continuously evolve these standards and provide products and services to proactively safeguard against emerging threats. Our CIS Hardened Images® provide secure, on-demand, scalable computing environments in the cloud. CIS is home to the Multi-State Information Sharing and Analysis Center® (MS-ISAC®), the trusted resource for cyber threat prevention, protection, response, and recovery for U.S. State, Local, Tribal, and Territorial (SLTT) government entities, and the Elections Infrastructure Information Sharing and Analysis Center® (EI-ISAC®), which supports the rapidly changing cybersecurity needs of U.S. election offices. To learn more, visit CISecurity.org or follow us on Twitter: @CISecurity.