CrowdStrike enhances container visibility and threat hunting capabilities

By Phyllis R. Edwards

Jul 27, 2022


Cloud-native security provider CrowdStrike has launched a cloud threat hunting service called Falcon Overwatch, while also introducing better container visibility capabilities to its Cloud Native Application Protection Platform (CNAPP).

Falcon Overwatch involves agent and agentless threat hunting

Falcon Overwatch is a standalone threat hunting service that uses CrowdStrike’s cloud-oriented indicators of attack to gain visibility into advanced and innovative cloud threats across the entire control plane, which includes the network components and functions used for cloud workloads.

The service leverages both the CrowdStrike CNAPP’s agent-based (Falcon Cloud Workload Protection) and agentless (Falcon Horizon cloud security posture management) solutions to provide greater visibility across multiple clouds, including Amazon Web Services, Azure, and Google Cloud.

“On one side, we receive agentless data from over 1.2 billion containers using Falcon Horizon,” says Param Singh, vice president for Falcon Overwatch. “On the other side, we have data from our agents installed by different companies for their endpoints, such as Linux servers running in the cloud. By combining these together, we are able to provide more effective threat hunting.”

CNAPP updates boost container visibility

Elsewhere, CrowdStrike wants to improve customer visibility into software containers to help spot vulnerabilities, embedded malware, or stored secrets before a particular container is deployed. It achieves this by identifying and remediating rogue containers, or by correcting those which have drifted from their ideal configuration.

Responding to customer demand, CrowdStrike is expanding these capabilities to work with Amazon’s managed, serverless Elastic Container Service (ECS) Fargate, on top of existing support for its Elastic Kubernetes Service (EKS) Fargate service.

CrowdStrike has also extended its image registry scanning capabilities to 8 new container registries, including: Docker Registry 2., IBM Cloud Container Registry, JFrog Artifactory, Oracle Container Registry, Red Hat OpenShift, Red Hat Quay, Sonatype Nexus Repository, and VMware Harbor Registry.

Finally, CrowdStrike is adding software composition analysis capabilities for detecting and remediating vulnerabilities in popular open source components, such as Go, JavaScript, Java, Python, or Ruby dependencies in a customer’s codebase.

Bringing container image scanning capabilities to a growing number of registries and managed services should help identify more threats and misconfigurations within containerized environments, and enable secure continuous integration, continuous delivery (CI/CD) pipelines.

Copyright © 2022 IDG Communications, Inc.

