CrowdStrike has unveiled what it says in the industry's first adversary-focused cloud security solution with new features to CrowdStrike Falcon Horizon Cloud Security Posture Management.
The new features bring real-time telemetry of the CrowdStrike Security Cloud to deliver behavioural detections and attack patterns for an adversary-focused approach to securing the cloud control plane. These new capabilities include continuous threat detection, monitoring and correlation across cloud and on-premises environments, providing security teams the ability to cut through the noise of a multi-cloud environment and take the most effective action.
"Today's application development lifecycle demands speed and agility, requiring teams to build applications and reconfigure cloud infrastructure on the fly and overwhelming security teams trying to gain control of resources to prevent breaches in the cloud," says Michael Sentonas, chief technology officer at CrowdStrike.
"To proactively protect organisations who are rapidly adopting the cloud, security teams must go beyond indicators of misconfiguration (IOMs) to understand the actors targeting them and the tools being used.
"Falcon Horizon is the first solution to deliver indicators of attack (IOAs) for the cloud control plane, arming customers with important data on threat activity leveraging cloud misconfigurations to pose serious risks across cloud services so they can quickly detect and stop breaches," he says.
Powered by CrowdStrike's threat intelligence, Falcon Horizon is the first CSPM solution to deliver an adversary-focused approach for continuous, in-depth control plane threat detection across an organisations cloud accounts, services and users for AWS and Azure.
Security teams receive real-time alerting and reporting on IOAs allowing them to better understand the adversaries and tactics that are targeting their organisations. Additionally, Falcon Horizon provides behaviour-based tactics, techniques and procedures (TTPs) detections and guided remediation across the cloud estate, empowering security teams to proactively uncover hidden threats and conduct self-service threat hunting to more quickly spot suspicious activity and stop breaches.
According to CrowdStrike, Falcon Horizon's new Confidence Scoring highlights the most critical Indicators of Attack. This new feature continuously aggregates, assesses and scores cloud control plane threats and changes in configurations to accurately identify malicious activity.
The scores help security teams prioritise the most urgent threats, allowing them to rapidly identify, understand and take action against critical threat activity eliminating the time and resources needed for sifting through a barrage of inconsequential alerts.
Additional new capabilities for Falcon Horizon include:
- Integration at the speed of DevOps: Enables faster integration and remediation with organisations DevOps and collaboration tools through CrowdStrikes single, powerful API to seamlessly onboard new cloud accounts to keep pace with new digital transformation initiatives.
- Unified visibility and control across cloud environments: Provides visibility and control across multi-cloud and on-premises environments for simplified management and security policy enforcement from a single console, eliminating blind spots, more effectively preventing security incidents and ensuring application availability for any cloud.
- Prevention of misconfigurations and compliance violations: Proactively detects misconfigurations, cloud plane security threats and compliance violations with over 250 out-of-the-box adversary-focused policies, saving time and reducing operation costs.
- Guided remediation from security experts: Enables security teams to fix issues that leave cloud resources exposed with guided remediation and guardrails that enable developers to avoid critical mistakes.