CrowdStrike enhances container visibility and threat hunting capabilities

Cloud-native stability company CrowdStrike has launched a cloud danger looking services termed Falcon Overwatch, although also adding larger container visibility capabilities to its Cloud Native Software Security System (CNAPP).

Falcon Overwatch incorporates agent and agentless menace hunting

Falcon Overwatch is a standalone danger looking support that works by using CrowdStrike’s cloud-oriented indicators of assault to attain visibility into progressed and sophisticated cloud threats throughout the entire regulate airplane, which features the network components and capabilities employed for cloud workloads.

The services leverages both equally the CrowdStrike CNAPP’s agent-primarily based (Falcon cloud workload safety) and agentless (Falcon Horizon cloud security posture management) answers, to supply better visibility across many clouds, like Amazon World-wide-web Products and services, Azure, and Google Cloud.

“On a single side, we acquire agentless details from over 1.2 billion containers using Falcon Horizon,” suggests Param Singh, vice president for Falcon Overwatch. “On the other aspect, we have info from our brokers set up by various organizations for their endpoints, these types of as Linux servers managing in the cloud. By combining these collectively, we are able to supply additional productive risk looking.”

CNAPP upgrades increase container visibility 

Elsewhere, CrowdStrike wants to enhance purchaser visibility into application containers to assist place vulnerabilities, embedded malware, or stored insider secrets in advance of a precise container is deployed. It achieves this by identifying and remediating rogue containers, or by correcting those people which have drifted from their perfect configuration.

Responding to consumer demand, CrowdStrike is expanding these capabilties to work with Amazon’s managed, serverless Elastic Container Companies (ECS) Fargate, on best of current help for its Elastic Kubernetes Solutions (EKS) Fargate assistance.

CrowdStrike has also extended its picture registry scanning abilities to 8 new container registries, together with: Docker Registry 2., IBM Cloud Container Registry, JFrog Artifactory, Oracle Container Registry, Crimson Hat OpenShift, Crimson Hat Quay, Sonatype Nexus Repository, and VMware Harbor Registry.

Finally, CrowdStrike is introducing software package part analysis abilities for detecting and remediating vulnerabilities in well known open up resource components, together with Go, JavaScript, Java, Python, or Ruby dependencies in a customer’s codebase.

Bringing container impression scanning abilities to a developing assortment of registries and managed products and services need to support recognize extra threats and misconfigurations inside containerized environments, and support safe steady integration, continual shipping and delivery (CI/CD) pipelines.