SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
CrowdStrike launches industry-first adversary-focused cloud security solution
Thu, 20th May 2021

CrowdStrike has unveiled what it says is the industry's first adversary-focused cloud security solution, adding new features to CrowdStrike Falcon Horizon Cloud Security Posture Management.

The new features bring real-time telemetry of the CrowdStrike Security Cloud to deliver behavioural detections and attack patterns for an adversary-focused approach to securing the cloud control plane. These new capabilities include continuous threat detection, monitoring and correlation across cloud and on-premises environments, providing security teams the ability to cut through the noise of a multi-cloud environment and take the most effective action.

"Today's application development lifecycle demands speed and agility, requiring teams to build applications and reconfigure cloud infrastructure on the fly and overwhelming security teams trying to gain control of resources to prevent breaches in the cloud," says Michael Sentonas, chief technology officer at CrowdStrike.

"To proactively protect organisations who are rapidly adopting the cloud, security teams must go beyond indicators of misconfiguration (IOMs)  to understand the actors targeting them and the tools being used.

"Falcon Horizon is the first solution to deliver indicators of attack (IOAs) for the cloud control plane, arming customers with important data on threat activity leveraging cloud misconfigurations to pose serious risks across cloud services so they can quickly detect and stop breaches," he says.

Powered by CrowdStrike's threat intelligence, Falcon Horizon is the first CSPM solution to deliver an adversary-focused approach for continuous, in-depth control plane threat detection across an organisation's cloud accounts, services and users for AWS and Azure.

Security teams receive real-time alerting and reporting on IOAs, allowing them to better understand the adversaries and tactics that are targeting their organisations. Additionally, Falcon Horizon provides behaviour-based tactics, techniques and procedures (TTPs) detections and guided remediation across the cloud estate, empowering security teams to proactively uncover hidden threats and conduct self-service threat hunting to more quickly spot suspicious activity and stop breaches.

According to CrowdStrike, Falcon Horizon's new Confidence Scoring highlights the most critical Indicators of Attack. This new feature continuously aggregates, assesses and scores cloud control plane threats and changes in configurations to accurately identify malicious activity.

The scores help security teams prioritise the most urgent threats, allowing them to rapidly identify, understand and take action against critical threat activity, eliminating the time and resources needed for sifting through a barrage of inconsequential alerts.

Additional new capabilities for Falcon Horizon include:

  • Integration at the speed of DevOps: Enables faster integration and remediation with organisations' DevOps and collaboration tools through CrowdStrike's single, powerful API to seamlessly onboard new cloud accounts to keep pace with new digital transformation initiatives.
  • Unified visibility and control across cloud environments: Provides visibility and control across multi-cloud and on-premises environments for simplified management and security policy enforcement from a single console, eliminating blind spots, more effectively preventing security incidents and ensuring application availability for any cloud.
  • Prevention of misconfigurations and compliance violations: Proactively detects misconfigurations, cloud plane security threats and compliance violations with over 250 out-of-the-box adversary-focused policies, saving time and reducing operation costs.
  • Guided remediation from security experts: Enables security teams to fix issues that leave cloud resources exposed with guided remediation and guardrails that enable developers to avoid critical mistakes.