CrowdStrike extends AWS relationship, arms enterprises against cyber threats
CrowdStrike has released new features to the CrowdStrike Falcon platform that work with services from Amazon Web Services (AWS).
According to the company, the company is focused further protecting customers from ransomware threats and increasingly complex cyber attacks.
The new expanded features provide joint customers with visibility, dynamic scale, automation and flexibility to better prevent, detect and respond to threats in the cloud and across endpoints, the company states.
The new expanded features include:
Ransomware protection and recovery: The cloud-native CrowdStrike Falcon platform now works with CloudEndure Disaster Recovery to provide AWS customers protection and recovery from ransomware incidents and minimise impact to productivity.
CrowdStrike Cloud Security Assessment delivers actionable insights into security misconfigurations and deviations from recommended cloud security architectures to help clients prevent, detect and recover from breaches, while CloudEndure helps customers restore their applications quickly, minimising business disruption.
Identity-based threat detection and remediation: CrowdStrike IAM Analyzer for AWS is a feature in CrowdStrike Falcon Horizon and prevents identity-based threats by knowing what accounts are doing before a breach happens.
It follows the principle of least privilege by assessing CrowdStrike IAM services, apps, users, roles and permissions across all cloud accounts.
CrowdStrike IAM Analyzer for AWS allows security teams to continuously monitor AWS accounts for excessive or unused permissions, identify suspicious permission escalation, and audit AWS Cloud services for actions allowed per resource, user, group, and role.
The solution prevents users from putting organisations at risk by automating the detection and remediation of identity-based risks.
Enhanced security and compliance for workload deployments: CrowdStrike now integrates directly with Distributor, a capability of AWS Systems Manager.
Customers can deploy Distributor packages with embedded CrowdStrike Falcon agent software, or install the agent via the CrowdStrike Falcon APIs, with customisation to run across multiple operating systems at the same time.
This allows teams to manage all agent packages from a single interface with their choice of software installation, for easier deployment and no need for reboot requirements.
CrowdStrike chief product officer Amol Kulkarni says, “Embattled security teams have turned to the cloud to protect their dynamic work environments from sophisticated cyber actors, implementing solutions that are scalable, automated and easily deployable.
"However, they must consider how their applications communicate with each other and devise an effective strategy to ensure connectivity between the cloud and the rest of their security stack."
Kulkarni continues, "The CrowdStrike Falcon platform unifies cloud security posture management together with breach protection for cloud workloads and containers on AWS and hybrid cloud environments in a single platform, providing end-to-end visibility and protection that optimises cloud resources and ensures applications are defended against advanced threats.”
CrowdStrike was also recently highlighted as an AWS Well-Architected Framework Management and Governance Lens Partner.
The M&G Lens provides prescriptive guidance on key concepts and best practices for optimising management and governance across AWS environments.