CrowdStrike enhances container visibility and threat hunting capabilities

Cloud-native safety provider CrowdStrike has released a cloud menace searching company termed Falcon Overwatch, although also introducing larger container visibility capabilities to its Cloud Indigenous Software Defense System (CNAPP).

Falcon Overwatch contains agent and agentless risk searching

Falcon Overwatch is a standalone danger looking services that takes advantage of CrowdStrike’s cloud-oriented indicators of assault to achieve visibility into advanced and advanced cloud threats throughout the total regulate airplane, which features the network elements and capabilities utilized for cloud workloads.

The provider leverages both of those the CrowdStrike CNAPP’s agent-primarily based (Falcon cloud workload security) and agentless (Falcon Horizon cloud protection posture administration) solutions, to supply greater visibility across several clouds, such as Amazon World-wide-web Expert services, Azure, and Google Cloud.

“On one side, we acquire agentless knowledge from over 1.2 billion containers applying Falcon Horizon,” says Param Singh, vice president for Falcon Overwatch. “On the other side, we have facts from our agents mounted by unique corporations for their endpoints, such as Linux servers functioning in the cloud. By combining these collectively, we are ready to provide a lot more productive menace hunting.”

CNAPP updates increase container visibility 

Elsewhere, CrowdStrike would like to enhance consumer visibility into software containers to support location vulnerabilities, embedded malware, or stored strategies prior to a unique container is deployed. It achieves this by identifying and remediating rogue containers, or by correcting those people which have drifted from their best configuration.

Responding to buyer need, CrowdStrike is increasing these capabilties to function with Amazon’s managed, serverless Elastic Container Companies (ECS) Fargate, on leading of existing assistance for its Elastic Kubernetes Expert services (EKS) Fargate service.

CrowdStrike has also prolonged its image registry scanning abilities to 8 new container registries, which includes: Docker Registry 2., IBM Cloud Container Registry, JFrog Artifactory, Oracle Container Registry, Crimson Hat OpenShift, Crimson Hat Quay, Sonatype Nexus Repository, and VMware Harbor Registry.

Finally, CrowdStrike is incorporating application part assessment abilities for detecting and remediating vulnerabilities in common open supply factors, like Go, JavaScript, Java, Python, or Ruby dependencies in a customer’s codebase.

Bringing container image scanning capabilities to a expanding variety of registries and managed providers need to assistance identify much more threats and misconfigurations in just containerized environments, and assistance safe continuous integration, continual supply (CI/CD) pipelines.