CrowdStrike enhances container visibility and threat hunting capabilities

Cloud-native protection provider CrowdStrike has introduced a cloud menace looking provider identified as Falcon Overwatch, even though also incorporating bigger container visibility abilities to its Cloud Indigenous Application Defense Platform (CNAPP).

Falcon Overwatch includes agent and agentless menace hunting

Falcon Overwatch is a standalone menace searching services that takes advantage of CrowdStrike’s cloud-oriented indicators of assault to obtain visibility into advanced and sophisticated cloud threats across the total manage plane, which consists of the community elements and capabilities applied for cloud workloads.

The assistance leverages both the CrowdStrike CNAPP’s agent-centered (Falcon cloud workload safety) and agentless (Falcon Horizon cloud safety posture administration) alternatives, to offer higher visibility throughout a number of clouds, which includes Amazon Website Expert services, Azure, and Google Cloud.

“On a single aspect, we obtain agentless facts from above 1.2 billion containers utilizing Falcon Horizon,” claims Param Singh, vice president for Falcon Overwatch. “On the other aspect, we have facts from our agents set up by various organizations for their endpoints, this sort of as Linux servers functioning in the cloud. By combining these with each other, we are able to produce additional efficient danger looking.”

CNAPP updates enhance container visibility 

In other places, CrowdStrike would like to increase client visibility into application containers to aid spot vulnerabilities, embedded malware, or stored strategies just before a precise container is deployed. It achieves this by identifying and remediating rogue containers, or by correcting those which have drifted from their perfect configuration.

Responding to shopper demand from customers, CrowdStrike is increasing these capabilties to operate with Amazon’s managed, serverless Elastic Container Services (ECS) Fargate, on prime of existing assist for its Elastic Kubernetes Companies (EKS) Fargate assistance.

CrowdStrike has also prolonged its image registry scanning capabilities to 8 new container registries, together with: Docker Registry 2., IBM Cloud Container Registry, JFrog Artifactory, Oracle Container Registry, Purple Hat OpenShift, Purple Hat Quay, Sonatype Nexus Repository, and VMware Harbor Registry.

Last but not least, CrowdStrike is including application ingredient assessment capabilities for detecting and remediating vulnerabilities in common open resource elements, including Go, JavaScript, Java, Python, or Ruby dependencies in a customer’s codebase.

Bringing container impression scanning capabilities to a growing array of registries and managed products and services really should aid determine extra threats and misconfigurations in just containerized environments, and assistance protected ongoing integration, steady delivery (CI/CD) pipelines.