CrowdStrike has made significant strides in its Falcon Cloud Security line, making improvements to cloud detection and response (CDR) services broadly available. This comes at a time when cloud intrusions have seen a staggering 75% increase in the last year. The cyber security firm aims to aid beleaguered SecOps teams by providing a consolidated platform designed to enhance risk visibility and threat hunting across all cloud resources.
As part of its announcement at the RSA conference, CrowdStrike unveiled its 24/7 cross-domain threat hunting system for Microsoft Azure environments, a first of its kind. Offering an unparalleled level of visibility across clouds, identities and endpoints, this new feature strengthens CrowdStrike’s existing threat-hunting for cloud runtime environments. Its introduction is a response to adversaries who continue to exploit visibility gaps and fragmented platforms with identity-based attacks. At the same time, CrowdStrike acknowledges the challenges faced by Cloud SecOps teams, who grapple with the widening skills gap in navigating cloud security.
Michael Sentonas, President at CrowdStrike, highlighted the impact of this development, stating, “Stopping cloud breaches requires rapid detection and response, but too often, Cloud SecOps teams are forced to manage multiple platforms and point products to get the visibility they need across their cloud infrastructure”. According to Sentonas, the superior combination of CrowdStrike’s industry-leading cloud threat hunting services and comprehensive Cloud Native Application Protection Platform (CNAPP) creates a powerful ‘force multiplier’ for Cloud SecOps teams, providing the ability to consolidate tools, close gaps in visibility, and deliver the critical security measure – stopping the breach.
The release follows the DHS Cyber Safety Review Board’s (CSRB) 2023 report, which suggested that an identity-based attack breach of Microsoft Exchange Online could have been precluded. The report illustrates the important task of anticipatory detection and response to cloud attacks, particularly for Microsoft Azure environments.
CrowdStrike’s new release will deliver comprehensive cloud detection and response services by amplifying safeguards across various parameters, including cloud control planes, cloud identity threats and thwarting adversary lateral movement. Beginning with Microsoft Azure, CrowdStrike will expand visibility into cloud control plane activity while augmenting existing threat-hunting resources for cloud runtime environments. Moreover, CrowdStrike’s consolidated platform will enable cloud threat hunters to proactively monitor and preclude compromised users and credentials from being exploited in cloud attacks. Lastly, the unification of the AI-native CrowdStrike Falcon platform will empower CrowdStrike cloud threat hunters to track lateral movement from cloud to endpoint, allowing quick response, actionable insights and decisive remediation from start to finish.
The ambitious rollout by CrowdStrike in Falcon’s Cloud Security product line demonstrates the company’s continuous endeavour to redefine cloud-native security. CrowdStrike is driven by its commitment to protecting critical areas of enterprise risk—including endpoints and cloud workloads, identity, and data—and stopping breaches in their tracks.
About Author
