XDR, Cloud Security, Channel partners, Channel markets, Content, Security Program Controls/Technologies, MSSP, Channel partner programs, Threat Intelligence, Threat Management

CrowdStrike’s 1-Click XDR Elevates Falcon Cloud Attack Path Platform


CrowdStrike has added new cloud security capabilities to its Falcon platform to deliver full visibility into potential attack paths.

Introducing 1-Click XDR

To help organizations stop breaches from endpoint to cloud, CrowdStrike, an extended detection and response specialist (XDR), has expanded its platform with Falcon Cloud Security.

New capabilities include:

  • 1-Click XDR. Organizations can sweep their cloud environment with native agentless visibility to identify unprotected workloads and automatically deploy the Falcon agent for end-to-end runtime protection.
  • Agentless snapshot scanning. When an agent can’t be installed, organizations can gain full visibility into cloud workload risk by detecting vulnerabilities and installed applications, starting with support for AWS.
  • Complete cloud attack path visualization. Organizations can see a unified view of the attack path, from host to cloud, to detect, prevent and remediate cloud threats, without the complexity of multiple consoles and agents.

CrowdStrike Falcon Cloud Security provides Cloud Native Application Protection Platform capabilities that integrate Cloud Workload Protection, Cloud Security Posture Management, Cloud Infrastructure Entitlement Management and container security.

Additional upgrades include:

  • An updated compliance dashboard (now supporting CIS, NIST, PCI, SOC2 and custom frameworks).
  • New Infrastructure as Code (IaC) Security.
  • Integrated Kubernetes admission controller.

Seeing Through the Cloud

In its 2023 Global Threat Report, CrowdStrike found that cloud exploitation cases grew by 95% and more than one-third (36%) of cloud environments had insecure cloud service provider default settings. Cases involving threat actors specifically targeting cloud environments have nearly tripled.

Organizations need complete visibility and protection into cloud workloads, explained Raj Rajamani, chief product officer, DICE (data, identity, cloud, endpoint), at CrowdStrike:

“The latest innovations from CrowdStrike enable DevSecOps teams to proactively understand adversaries, identify unprotected cloud workloads and deploy protection with one click of a button, and use snapshots to maintain visibility and protection when an asset can’t support an agent.”

Pax8 Flies on Falcon

Earlier this month, Pax8, a popular cloud commerce marketplace, and CrowdStrike formed a strategic partnership that will give MSPs access to the CrowdStrikes’s Falcon platform.

The partners said the agreement is the result of a shared commitment to empowering MSPs in effectively mitigating cyber risks for their business customers.

The CrowdStrike offering is set to launch on the Pax8 Marketplace later this year.

D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.