CrowdStrike introduces the industry's first cloud threat hunting service to stop advanced cloud-based attacks. Falcon OverWatch Cloud Threat Hunting gives organizations access to an elite team of threat hunters to prevent incidents in cloud environments.
CrowdStrike, a leading provider of cloud-based endpoint, workload, identity and data protection, today introduced Falcon OverWatch Cloud Threat Hunting. It is the industry's first standalone threat hunting service for hidden and advanced threats that originate, operate or exist in cloud environments. Armed with the industry's first cloud-facing control plane Indicators of Attack (IOAs) and detailed adversary strategies, OverWatch Cloud Threat Hunting provides a unique insight into cloud environments to observe and ultimately stop the most sophisticated cloud threats.
Cloud-based attacks
The rapid adoption of cloud-native architectures has created new, broader attack surfaces that often leave security teams in the dark, lacking the visibility and skills needed to search for advanced threats 24/7 in these complex cloud environments. As a result, attackers can find and exploit cloud resources faster than security teams can discover them.
Leveraging CrowdStrike's agent-based and agentless Cloud Native Application Protection Platform (CNAPP), Falcon OverWatch cloud threat hunters can investigate suspicious and anomalous behaviors, as well as novel attack techniques. Operating 24 hours a day, 365 days a year, Falcon OverWatch Cloud Threat Hunting can prevent incidents and security breaches by proactively alerting customers to cloud-based attacks, including:
- Attack activity occurring within and across the cloud infrastructure of Amazon Web Services (AWS), Google Cloud Platform (GCP), Microsoft Azure, and other cloud service providers.
- Sophisticated hands-on-keyboard activity and zero-days that exploit and compromise cloud workloads and containers in production.
- Cloud-based IOAs, such as control plane and serverless vulnerabilities, misconfigurations, application behavior anomalies, container breaches, privilege escalation, node compromise, and more.
- Attack paths that first exploit traditional IT resources to gain initial access and then move to applications, systems and data in the cloud.
Proactive Cloud Threat Hunting
"CrowdStrike pioneered the process by combining industry-leading technology with proactive threat hunting to deliver truly comprehensive protection that bridges the gap between detection and response," said Shawn Henry, chief security officer and president of CrowdStrike Services. “We're leveraging this leadership with Falcon OverWatch Cloud Threat Hunting, offering a new cloud-specific service that no other provider can match. This gives organizations XNUMX/XNUMX access to cloud expertise without the high overhead or required investment in people, training, and tools needed to successfully combat attackers. We believe Falcon OverWatch Cloud Threat Hunting is a powerful enabler for organizations looking for a dedicated service to protect their cloud environments.”
About CrowdStrike
CrowdStrike Inc., a global leader in cybersecurity, is redefining security in the cloud age with its completely redesigned platform for protecting workloads and devices. The lean single-agent architecture of the CrowdStrike Falcon® platform uses cloud-scaled artificial intelligence and ensures protection and transparency across the company. This prevents attacks on end devices both inside and outside the network. With the help of the company's own CrowdStrike Threat Graph®, CrowdStrike Falcon correlates around 1 trillion endpoint-related events worldwide every day and in real time. This makes the CrowdStrike Falcon platform one of the world's most advanced data platforms for cybersecurity.