CrowdStrike has unveiled new cloud security capabilities to deliver complete visibility into potential attack paths, from endpoint to cloud, and instantly secure vulnerable cloud workloads across build and runtime. As part of this, CrowdStrike announced a “1-Click XDR” capability that automatically identifies and secures unprotected cloud workloads by instantly deploying the CrowdStrike Falcon agent. These agent and agentless innovations empower customers to consolidate multiple cloud security point products into a single, unified platform for complete protection across the cloud security lifecycle.
CrowdStrike Falcon Cloud Security provides market-leading Cloud Native Application Protection Platform (CNAPP) capabilities that integrate Cloud Workload Protection (CWP), Cloud Security Posture Management (CSPM), Cloud Infrastructure Entitlement Management (CIEM) and container security – all in a single platform, extended with industry-leading managed services.
“Organizations clearly need complete visibility and protection into cloud workloads, no matter where they exist,” said Raj Rajamani, chief product officer, DICE at CrowdStrike. “Preventing a breach requires the tight, native integration of agent and agentless capabilities across CWP, CSPM and CIEM to stop breaches from both adversaries and human error. The latest innovations from CrowdStrike enable DevSecOps teams to proactively understand adversaries, identify unprotected cloud workloads and deploy protection with one click of a button, and use snapshots to maintain visibility and protection when an asset can’t support an agent.”
New capabilities for CrowdStrike Falcon Cloud Security include:
● 1-Click XDR: Organizations can sweep their cloud environment with native agentless visibility to identify unprotected workloads and automatically deploy the CrowdStrike Falcon agent for end-to-end runtime protection.
● Agentless Snapshot Scanning: When an agent can’t be installed, organizations can gain full visibility into cloud workload risk by detecting vulnerabilities and installed applications – starting with support for AWS.
● Complete Cloud Attack Path Visualization: Organizations can see a unified view of the attack path, from host to cloud, to detect, prevent and remediate cloud threats, without the complexity of multiple consoles and agents.
● Additional Updates Include: An updated Compliance Dashboard (now supporting CIS, NIST, PCI, SOC2 and custom frameworks), new Infrastructure as Code (IaC) Security, and an integrated Kubernetes Admission Controller.