CrowdStrike enhances container visibility and threat hunting capabilities

Cloud-indigenous security company CrowdStrike has introduced a cloud risk searching services identified as Falcon Overwatch, whilst also including increased container visibility capabilities to its Cloud Native Application Defense Platform (CNAPP).

Falcon Overwatch consists of agent and agentless risk looking

Falcon Overwatch is a standalone threat hunting assistance that utilizes CrowdStrike’s cloud-oriented indicators of assault to get visibility into evolved and refined cloud threats throughout the whole control aircraft, which includes the network factors and functions utilised for cloud workloads.

The assistance leverages each the CrowdStrike CNAPP’s agent-dependent (Falcon cloud workload safety) and agentless (Falcon Horizon cloud safety posture management) remedies, to deliver bigger visibility throughout numerous clouds, which includes Amazon World wide web Services, Azure, and Google Cloud.

“On one particular side, we get agentless data from about 1.2 billion containers employing Falcon Horizon,” says Param Singh, vice president for Falcon Overwatch. “On the other side, we have info from our brokers set up by distinctive corporations for their endpoints, these types of as Linux servers functioning in the cloud. By combining these jointly, we are in a position to provide a lot more efficient danger looking.”

CNAPP upgrades strengthen container visibility 

Elsewhere, CrowdStrike would like to increase customer visibility into software containers to support place vulnerabilities, embedded malware, or saved insider secrets before a unique container is deployed. It achieves this by identifying and remediating rogue containers, or by correcting those people which have drifted from their great configuration.

Responding to client need, CrowdStrike is growing these capabilties to work with Amazon’s managed, serverless Elastic Container Products and services (ECS) Fargate, on major of present assist for its Elastic Kubernetes Services (EKS) Fargate support.

CrowdStrike has also extended its graphic registry scanning capabilities to eight new container registries, such as: Docker Registry 2., IBM Cloud Container Registry, JFrog Artifactory, Oracle Container Registry, Pink Hat OpenShift, Pink Hat Quay, Sonatype Nexus Repository, and VMware Harbor Registry.

Lastly, CrowdStrike is including computer software ingredient analysis capabilities for detecting and remediating vulnerabilities in preferred open up resource components, which includes Go, JavaScript, Java, Python, or Ruby dependencies in a customer’s codebase.

Bringing container picture scanning abilities to a developing variety of registries and managed solutions really should assist discover extra threats and misconfigurations in just containerized environments, and support secure continuous integration, ongoing delivery (CI/CD) pipelines.