 |
VOOZH | about |
|
VOOZH | about |
We’re so glad you’re here. You can expect all the best TNS content to arrive Monday through Friday to keep you on top of the news and at the top of your game.
Check your inbox for a confirmation email where you can adjust your preferences and even join additional groups.
Follow TNS on your favorite social media networks.
Become a TNS follower on LinkedIn.
Check out the latest featured and trending stories while you wait for your first TNS newsletter.
Not all cloud security programs are based on open source software. CrowdStrike, a global security company, offers its Falcon platform, which uses an AI running on its proprietary Threat Graph database and patented smart-filtering technology to deliver a cloud security service. In May, CrowdStrike will be introducing its new adversary-focused Cloud-Native Application Protection Platform CNAPP to accelerate threat hunting for cloud environments and workloads and reduce the time needed to respond.
“CNAPP,” according to CrowdStrike’s Senior Product Marketing Manager Gui Alvarenga, “is an all-in-one cloud native software platform that simplifies monitoring, detecting, and acting on potential cloud security threats and vulnerabilities. As an increasing number of organizations adopt DevSecOps, they are looking for ways to ensure cloud native application security, protect business-critical workloads, and streamline operations. A CNAPP combines multiple tools and capabilities into a single software solution to minimize complexity and facilitate DevOps and DevSecOps team operations.” Further, it offers an end-to-end cloud and application security through the whole Continuous Integration/Continuous Deployment (CI/CD) application lifecycle.
This is done by bringing together CrowdStrike’s popular Falcon Horizon, a Cloud Security Posture Management (CSPM) module and Falcon Cloud Workload Protection (CWP) module via a common cloud activity dashboard. With this, both security and DevOps teams can prioritize their top cloud security issues, address runtime threats and hunt down cloud threats.
The updates also include new ways to use Falcon Fusion, CrowdStrike’s security orchestration, automation, and response (SOAR) framework to automate Amazon Web Services (AWS) remediations; new custom Indicators of Misconfigurations (IOMs) for Google Cloud Platform (GCP); new ways to prevent identity-based threats for Microsoft Azure and more.
This new approach provides both agent-based (Falcon CWP) and agentless (Falcon Horizon) solutions. You get to decide which approach is best to secure your cloud applications across your CI/CD pipeline and AWS, Azure, and/or GCP clouds CrowdStrike, however, recommends its agent-based CWP solution since it enables pre-runtime and runtime protection. By comparison, an agentless-only approach offers partial visibility and lacks remediation capabilities.
Still, Amol Kulkarni, CrowdStrike’s chief product and engineering officer, notes that what sets CrowdStrike apart from other vendors is that it offers both agent-based and agentless approaches. “Additionally,” Kulkarni continued, “we offer breach protection for cloud workloads, containers, and Kubernetes for both multi-cloud and hybrid cloud environments for organizations, who get access to real-time alerting and reporting on more than 150 cloud adversaries”
CrowdStrike’s adversary-focused CNAPP capabilities include:
That’s a lot of new features across the platform. That’s a good thing according to Dave Worthington, Australian energy utility, Jemena, general manager of digital security and risk, “One of the big benefits I’ve witnessed is that CrowdStrike is constantly innovating and enhancing its cloud security offerings, such as Falcon Horizon, which we use to monitor our cloud environment and detect misconfigurations, vulnerabilities and security threats.” In a CrowdStrike case study, Worthington added, “For the first time, I have the data I need to confidently talk to the executive committee and accurately communicate the levels of risk we’re seeing across our users, servers, and networks.”
This last is not a small thing as any IT person who’s faced a hostile C-level security overview knows. If you’ve been in that hot seat, that’s reason enough to give CrowdStrike’s latest multilevel security services a look.
