CrowdStrike has unveiled new capabilities for its adversary-focused cloud-native application protection platform (CNAPP). These capabilities shorten the time it takes to respond to threats in cloud environments and workloads by accelerating threat hunting.
CrowdStrike focuses on cloud-delivered protection of endpoints, cloud workloads, identity and data. The CrowdStrike Security Cloud and world-class AI operate on the CrowdStrike Falcon platform. This platform uses real-time indicators of attack, threat intelligence, evolving adversary tradecraft and enriched telemetry from across the enterprise to enable hyper-accurate detections, automated protection and remediation, elite threat hunting and prioritized visibility of vulnerabilities.
The Falcon platform, which is purpose-built in the cloud with a single lightweight-agent architecture, is designed to facilitate quick and flexible deployment, enhanced protection and efficiency, straightforward implementation and faster time-to-value.
Unveiled on the Falcon platform, the new adversary-focused CNAPP capabilities bring together two of CrowdStrike’s cloud solutions through a shared cloud activity dashboard: the popular agentless Falcon Horizon, known as Cloud Security Posture Management (CSPM), and the agent-based Falcon Cloud Workload Protection (CWP) modules.
Created to help security and devops teams prioritize the most critical cloud security issues, address runtime threats and enable cloud threat hunting, the updates also include new ways of leveraging Falcon Fusion (CrowdStrike’s SOAR framework) to automate remediation for Amazon Web Services (AWS); new custom Indicators of Misconfigurations (IOMs) for AWS, Google Cloud Platform (GCP) and Microsoft Azure; new ways to prevent identity-based threats; and more.
Organizations that use multicloud environments and hybrid work models have broken down traditional work boundaries. Developers spin clouds up and down in minutes without noticing any potential misalignment.
Similarly, public cloud instances are made available for immediate use without MFA (multifactor authentication) or other security procedures. An attacker can exploit a security flaw in less than a second and launch a fast-moving lateral breach. To secure their cloud infrastructures before a threat actor finds a way in, companies must think like attackers.
Recently named a Strong Performer in The Forrester Wave, CrowdStrike is addressing this need with its adversary-focused approach to CNAPP, which is powered by industry-leading threat intelligence.
“CrowdStrike is distinct from other vendors in the market because we offer both agent-based and agentless solutions, giving organizations full visibility, detection and remediation capabilities to safeguard their cloud infrastructure,” said Amol Kulkarni, the chief product and engineering officer at CrowdStrike.
According to Kulkarni, CrowdStrike also provides breach protection for cloud workloads, containers and Kubernetes. The company does this for enterprises with multicloud and hybrid cloud infrastructures, giving them real-time alerting and reporting on over 150 cloud threats. CrowdStrike’s adversary-focused approach to CNAPP, which is backed by industry-leading threat intelligence, ensures that enterprises are well-prepared to defend against cloud breaches.
Dave Worthington, general manager of digital security and risk at Jemena, affirmed that CrowdStrike’s CNAPP provides a deep and accurate view of the cloud threat landscape. This, he said, has set CrowdStrike apart from the competition.
“CrowdStrike’s cloud security services, such as Falcon Horizon, which we use to monitor our cloud environment and detect misconfigurations, vulnerabilities and security threats, are continually evolving and improving, which is one of the biggest benefits I’ve seen,” Worthington said.
Jason Waits, director of cybersecurity at Inductive Automation, similarly believes that the Falcon platform’s expansion to enable CNAPP can deliver full cloud security with threat hunting capabilities that no other vendor can replicate.
“CrowdStrike’s performance amazes us due to its minimal CPU utilization and relatively low impact on overall system performance. We’re able to reduce security blindspots with Falcon Horizon by continuously monitoring our cloud environment for misconfigurations,” Waits said.
CrowdStrike’s adversary-focused CNAPP capabilities
Cloud activity dashboard: Combines Falcon Horizon’s CSPM insights with Falcon CWP’s workload protection in a single user interface. This allows for faster analysis and intervention by prioritizing critical issues, addressing runtime risks and enabling cloud threat hunting.
Custom indicators of misconfigurations (IOMs) for AWS, Azure and GCP: Ensures that security is part of every cloud deployment, with tailored policies that align with organizational goals.
Identity access analyzer for Azure: Defends against identity-based threats. It also ensures that permissions are enforced based on least privilege for Azure Active Directory (AD) groups, users and apps. This capability extends Falcon Horizon’s existing Identity Access Analyzer for AWS functionality.
Automated remediation workflow for AWS: Responds to threats with guided and automated remediation powered by Falcon Fusion. Workflows provide context and prescriptive guidance for resolving issues and reducing incident resolution time.
Falcon container detection: Automatically defends against malware and sophisticated threats targeting containers using machine learning (ML), artificial intelligence (AI), indicators of attack (IoAs), deep kernel visibility and custom indicators of compromise (IoCs), as well as behavioral blocking.
Rogue container detection: Keeps track of container deployments and decommissions. It detects and scans malicious images and also identifies and prevents privileged or writable containers from being created, which can be used as entry points for attacks.