CrowdStrike recently announced new features to the CrowdStrike Falcon platform that work with services from Amazon Web Services (AWS) that further protect customers from growing ransomware threats and increasingly complex cyber attacks. The new expanded features provide joint customers with comprehensive visibility, dynamic scale, automation and flexibility to better prevent, detect and respond to threats in the cloud and across endpoints.
“Embattled security teams have turned to the cloud to protect their dynamic work environments from sophisticated cyber actors, implementing solutions that are scalable, automated and easily deployable. However, they must consider how their applications communicate with each other and devise an effective strategy to ensure connectivity between the cloud and the rest of their security stack,” said Amol Kulkarni, chief product officer at CrowdStrike. “The CrowdStrike Falcon platform unifies cloud security posture management together with breach protection for cloud workloads and containers on AWS and hybrid cloud environments in a single platform, providing end-to-end visibility and protection that optimizes cloud resources and ensures applications are defended against advanced threats.”
The new expanded features include:
- Ransomware protection and recovery: The cloud-native CrowdStrike Falcon platform now works with CloudEndure Disaster Recovery to provide AWS customers protection and recovery from ransomware incidents and minimize impact to productivity. CrowdStrike Cloud Security Assessment delivers actionable insights into security misconfigurations and deviations from recommended cloud security architectures to help clients prevent, detect and recover from breaches, while CloudEndure helps customers restore their applications within minutes, minimizing business disruption.
- Identity-based threat detection and remediation: CrowdStrike IAM Analyzer for AWS is a feature in CrowdStrike Falcon Horizon and prevents identity-based threats by knowing what accounts are doing before a breach happens. It follows the principle of least privilege by assessing CrowdStrike IAM services, apps, users, roles and permissions across all cloud accounts. CrowdStrike IAM Analyzer for AWS allows security teams to continuously monitor AWS accounts for excessive or unused permissions, identify suspicious permission escalation, and audit AWS Cloud services for actions allowed per resource, user, group, and role. The solution prevents users from putting organizations at risk by automating the detection and remediation of identity-based risks.
- Enhanced security and compliance for workload deployments: CrowdStrike now integrates directly with Distributor, a capability of AWS Systems Manager. Customers can easily deploy Distributor packages with embedded CrowdStrike Falcon agent software, or install the agent via the CrowdStrike Falcon APIs, with customization to run across multiple operating systems at the same time. This allows teams to manage all agent packages from a single interface with flexibility and choice of software installation, easing deployment and without reboot requirements. With simplified deployment, teams can ensure real-time protection of workloads from both malware and malware-free attacks from day one, with minimal performance impact.
CrowdStrike was also recently highlighted as an AWS Well-Architected Framework Management and Governance Lens Partner. The M&G Lens provides prescriptive guidance on key concepts and best practices for optimizing management and governance across AWS environments.