CrowdStrike introduces adversary-focused CNAPP

CrowdStrike, a provider of cloud-delivered protection of endpoints, cloud workloads, identity and data, introduced new adversary-focused Cloud Native Application Protection Platform (CNAPP) capabilities to accelerate threat hunting for cloud environments and workloads and reduce the mean time to respond. Delivered from the Falcon platform, the new capabilities bring together CrowdStrike’s popular Falcon Horizon (Cloud Security Posture Management or CSPM) and Falcon Cloud Workload Protection (CWP) modules via a common cloud activity dashboard to help security and DevOps teams prioritize top cloud security issues, address runtime threats and enable cloud threat hunting. The updates also include new ways to use Falcon Fusion (CrowdStrike’s SOAR framework) to automate remediations for Amazon Web Services (AWS), new custom Indicators of Misconfigurations (IOMs) for Google Cloud Platform (GCP), new ways to prevent identity-based threats for Microsoft Azure and more.

CrowdStrike’s adversary-focused approach to CNAPP provides both agent-based (Falcon CWP) and agentless (Falcon Horizon) solutions delivered from the Falcon platform. This gives organizations the flexibility necessary to determine how best to secure their cloud applications across the continuous integration/continuous delivery (CI/CD) pipeline and cloud infrastructure across AWS, Azure and GCP. The added benefit of an agent-based CWP solution is that it enables pre-runtime and runtime protection, compared to agentless-only solutions that only offer partial visibility and lack remediation capabilities.

“What sets CrowdStrike apart from other vendors in the market is that we offer agent-based and agentless solutions, which provides organizations with comprehensive visibility, detection and remediation capabilities to secure their cloud infrastructure,” said Amol Kulkarni, chief product and engineering officer at CrowdStrike. “Additionally, we offer breach protection for cloud workloads, containers and Kubernetes for both multi-cloud and hybrid cloud environments for organizations, who get access to real-time alerting and reporting on more than 150 cloud adversaries. Our adversary-focused approach to CNAPP, powered by our industry-leading threat intelligence, ensures that organizations are best equipped to stop cloud breaches.”

“One of the big benefits I’ve witnessed is that CrowdStrike is constantly innovating and enhancing its cloud security offerings, such as Falcon Horizon, which we use to monitor our cloud environment and detect misconfigurations, vulnerabilities and security threats,” said Dave Worthington, general manager of digital security and risk at Jemena. “CrowdStrike’s CNAPP provides a deep and accurate view of the cloud threat landscape that we believe sets them apart from the competition.”

“We’re blown away by the performance of CrowdStrike, as there is minimal CPU demand and negligible impact on system performance. With Falcon Horizon, we’re able to eliminate security blindspots by continuously monitoring our cloud environment for misconfigurations,” said Jason Waits, director of cyber security at Inductive Automation. “We think CrowdStrike extending the Falcon platform to support CNAPP can provide comprehensive cloud security with threat hunting capabilities that no other vendor can match.”

“CrowdStrike’s ability to provide an adversarial perspective on cloud attack chains supports the strategic imperative for organizations to update their threat model to include their cloud footprint,” said Doug Cahill, vice president, analyst services and senior analyst at Enterprise Strategy Group (ESG). “Additionally, the rise of cloud threats demands a comprehensive approach to cloud security and CrowdStrike is well-positioned to address this need with the Falcon platform, which integrates agent-based and agentless solutions to provide end-to-end security from code to runtime.”
