CrowdStrike enhances container visibility and threat hunting capabilities


Cloud-native security provider CrowdStrike has launched a cloud menace searching service termed Falcon Overwatch, while also including greater container visibility capabilities to its Cloud Indigenous Software Defense Platform (CNAPP).

Falcon Overwatch incorporates agent and agentless menace hunting

Falcon Overwatch is a standalone danger looking support that works by using CrowdStrike’s cloud-oriented indicators of assault to get visibility into progressed and complex cloud threats across the overall command airplane, which includes the network elements and functions utilized for cloud workloads.

The company leverages both the CrowdStrike CNAPP’s agent-centered (Falcon cloud workload protection) and agentless (Falcon Horizon cloud protection posture administration) answers, to present better visibility throughout a number of clouds, including Amazon Web Products and services, Azure, and Google Cloud.

“On one particular facet, we obtain agentless information from above 1.2 billion containers making use of Falcon Horizon,” states Param Singh, vice president for Falcon Overwatch. “On the other aspect, we have details from our agents installed by different businesses for their endpoints, these kinds of as Linux servers running in the cloud. By combining these jointly, we are able to deliver extra successful risk searching.”

CNAPP upgrades strengthen container visibility 

Somewhere else, CrowdStrike would like to enhance buyer visibility into application containers to assistance location vulnerabilities, embedded malware, or stored techniques in advance of a precise container is deployed. It achieves this by identifying and remediating rogue containers, or by correcting people which have drifted from their suitable configuration.

Responding to consumer desire, CrowdStrike is expanding these capabilties to perform with Amazon’s managed, serverless Elastic Container Solutions (ECS) Fargate, on major of existing support for its Elastic Kubernetes Products and services (EKS) Fargate provider.

CrowdStrike has also extended its graphic registry scanning abilities to 8 new container registries, including: Docker Registry 2., IBM Cloud Container Registry, JFrog Artifactory, Oracle Container Registry, Crimson Hat OpenShift, Red Hat Quay, Sonatype Nexus Repository, and VMware Harbor Registry.

Ultimately, CrowdStrike is adding computer software ingredient examination abilities for detecting and remediating vulnerabilities in common open supply parts, including Go, JavaScript, Java, Python, or Ruby dependencies in a customer’s codebase.

Bringing container graphic scanning capabilities to a escalating assortment of registries and managed services must enable discover much more threats and misconfigurations within just containerized environments, and enable secure ongoing integration, steady delivery (CI/CD) pipelines.

Copyright © 2022 IDG Communications, Inc.


Supply connection