CrowdStrike Introduces Multi-Cloud Threat Hunting Capabilities

CrowdStrike has announced multi-cloud threat hunting capabilities for its Cloud Native Application Protection Platform (CNAPP). These capabilities help organizations hunt for threats in cloud environments and workloads and reduce the mean time to respond.

The multi-cloud threat hunting capabilities are delivered via CrowdStrike's Falcon endpoint protection platform, the company said. They combine CrowdStrike's Falcon Horizon cloud security posture management (CSPM) and Falcon Cloud Workload Protection (CWP) modules into a cloud activity dashboard to help security teams and development and operations teams prioritize cloud security issues, address runtime threats and perform cloud threat hunting.

CrowdStrike Unveils New Capabilities for Falcon Horizon, Falcon CWP

Along with introducing multi-cloud threat hunting capabilities for CNAPP, CrowdStrike has announced the following new capabilities for Falcon Horizon:

  • Automated Amazon Web Services (AWS) remediation workflows that provide context and guidance to fix security issues and reduce time to resolve incidents.
  • Identity access analyzer for Microsoft Azure that ensures Azure Active Directory groups, users and apps have permissions enforced based on least privilege.
  • Custom indicators of misconfigurations for Google Cloud Platform with custom security policies that align with business goals.

In addition, CrowdStrike has announced the following new capabilities for Falcon CWP:

  • Container detection that uses artificial intelligence, machine learning, indicators of attack, deep kernel visibility, custom indicators of compromise and behavioral blocking to defend against malware and other threats.
  • Rogue container detection that helps an organization maintain an up-to-date inventory as containers are deployed and decommissioned.
  • Drift container prevention that allows an organization to discover new binaries created or modified at runtime to secure its containers.

The new CNAPP capabilities will be generally available in May 2022.

CrowdStrike Unveils Falcon Identity Threat Protection Complete

The CNAPP capabilities announcement comes after CrowdStrike unveiled Falcon Identity Threat Protection Complete in March 2022, a "fully managed" solution that combines identity threat prevention and IT policy enforcement. Falcon Identity Threat Protection Complete provides a managed detection and response (MDR) solution that organizations can use to guard against identity-based attacks and reduce their attack surface, CrowdStrike said.

CrowdStrike delivers cybersecurity solutions to help organizations protect their cloud environments, data, endpoints and identities. The company also provides the Elevate Partner Program that lets MSSPs and MSPs integrate its cybersecurity solutions into their portfolios.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds an M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.