CrowdStrike introduced new features for its Falcon cybersecurity platform aimed at helping enterprises more effectively defend their public cloud environments from hackers.
CrowdStrike flagship Falcon platform is used by more than 16,300 organizations to protect their IT infrastructure. The Falcon platform comprises several different modules each focused on a different set of cybersecurity tasks. The new update focuses on two modules: Falcon CWP and Falcon Horizon.
Falcon CWP allows installing a program called an agent on their IT systems that, similarly to an antivirus, detects threats and automatically blocks them. Falcon Horizon also detects threats, but it doesn’t require installing an agent on the systems being protected. This latter approach is preferable in some situations, such as when a device is configured in a way that makes it impractical to install an additional piece of software.
Falcon Horizon detects threats without using agents and is receiving new features for securing public cloud environments.
In AWS, Falcon Horizon can now not only detect potential breaches but also recommend ways to remediate them. Recommendations are generated with the help of a CrowdStrike offering called Falcon Fusion which debuted last year. Its automatic remediation suggestions reduce the time it takes to fix cybersecurity issues, which helps companies limit the impact of data breaches.
For organizations using Microsoft Corp.’s Azure cloud platform, today’s Falcon Horizon update introduces new user security features.
Many companies use Microsoft Active Directory widely for IAM. If an employee’s account has access to more components than is strictly necessary and the account is breached, hackers can potentially steal valuable data. Falcon Horizon adds a feature that can identify opportunities to reduce unnecessary cloud access permissions, which helps limit the risk posed by cyberattacks.
CrowdStrike is also rolling out new features for Google Cloud. Falcon Horizon now enables customers to spot misconfigured settings more easily in their Google Cloud deployments which may increase the risk of a data breach.
Falcon Horizon and Falcon CWP, the other module of CrowdStrike’s cybersecurity platform that has received updates, are being integrated with a new centralized monitoring dashboard.
The update adds ML features that can detect if a container may have been breached by hackers. Additionally, Falcon CWP detects configuration issues that may lead to a breach in the future.
The software can determine whether a container is set up in a way that may enable hackers to overwrite its contents with malware. Falcon CWP finds misconfigured containers with the ability to modify the cloud infrastructure on which they run. Removing such containers makes it more difficult for hackers to access a company’s cloud infrastructure and modify important settings.