Adversary-focused CNAPP features at CrowdStrike


The Falcon platform gives organizations the flexibility to secure their cloud environments with agent-based and agentless cloud security. CrowdStrike introduces new adversary-focused CNAPP capabilities.

CrowdStrike, a leading provider of cloud-based protection for endpoints, workloads, identity and data, introduces new, adversary-focused Cloud Native Application Protection Platform (CNAPP) capabilities to accelerate threat hunting for cloud environments and workloads and reduce average response time. The new capabilities are delivered via the Falcon platform and bring together the CrowdStrike modules Falcon Horizon (Cloud Security Posture Management or CSPM) and Falcon Cloud Workload Protection (CWP) within a common dashboard.

Cloud Native Application Protection Platform—CNAPP

This helps security and DevOps teams prioritize top cloud security issues, combat runtime threats, and enable threat hunting within the cloud. The updates also include new ways to use Falcon Fusion (CrowdStrike's SOAR framework) for automated remediation in Amazon Web Services (AWS), new custom indicators of misconfiguration (IOMs) for Google Cloud Platform (GCP), new ways to mitigate identity-based threats in Microsoft Azure, and more.

CrowdStrike's adversary-centric CNAPP approach offers both agent-based (Falcon CWP) and agentless (Falcon Horizon) solutions within the Falcon platform. This gives organizations the flexibility they need to decide how best to secure their cloud applications across the Continuous Integration/Continuous Delivery (CI/CD) pipeline and cloud infrastructures of AWS, Azure, and GCP. An additional benefit of the CWP solution is the ability to provide pre-runtime and runtime protection, as opposed to agentless-only solutions that offer limited visibility and no remediation.

The attacker-focused CNAPP features

New centralized console for Falcon Horizon and Falcon CWP

  • Cloud activity dashboard. Unify Falcon Horizon CSPM insights with Falcon CWP workload protection in a single user experience to prioritize top issues, address runtime threats, and enable cloud threat hunting. This speeds up investigation and response.

New features for Falcon Horizon

  • Custom misconfiguration indicators (IOMs) for AWS, Azure, and GCP. Ensure each cloud deployment comes with custom policies aligned with business goals.
  • Identity access analytics for Azure. Prevent identity-based threats and ensure Azure AD groups, users, and apps have permissions that are enforced using the principle of least privilege. This capability extends Falcon Horizon's existing Identity Access Analyzer capability for AWS.
  • Custom IOMs for GCP. Ensure security is part of every cloud deployment with custom policies aligned to business goals. This capability extends Falcon Horizon's existing custom IOM capabilities for AWS and Azure.

New capabilities for Falcon CWP

  • Falcon container detection. Automatically protect against malware and advanced threats targeting containers with machine learning (ML), artificial intelligence (AI), indicators of attack (IOAs), deep kernel visibility, custom indicators of compromise (IOCs), and behavior blocking.
  • Detection of rogue containers. Keep your inventory up to date as containers are deployed and decommissioned. Scan rogue images, and identify and stop containers launched as privileged or writable, as these can be used as entry points for attacks.
  • Container drift prevention. Discover new binaries that are created or modified at runtime to protect container immutability.
More at CrowdStrike.com

 


About CrowdStrike

CrowdStrike Inc., a global leader in cybersecurity, is redefining security in the cloud age with its completely redesigned platform for protecting workloads and devices. The lean single-agent architecture of the CrowdStrike Falcon® platform uses cloud-scaled artificial intelligence and ensures protection and transparency across the company. This prevents attacks on end devices both inside and outside the network. With the help of the company's own CrowdStrike Threat Graph®, CrowdStrike Falcon correlates around 1 trillion endpoint-related events worldwide every day and in real time. This makes the CrowdStrike Falcon platform one of the world's most advanced data platforms for cybersecurity.


 
