CrowdStrike enhances container visibility and threat hunting capabilities

Josephine J. Romero


Cloud-native safety supplier CrowdStrike has released a cloud threat hunting provider termed Falcon Overwatch, when also incorporating bigger container visibility abilities to its Cloud Native Application Defense System (CNAPP).

Falcon Overwatch contains agent and agentless threat looking

Falcon Overwatch is a standalone danger searching service that uses CrowdStrike’s cloud-oriented indicators of attack to acquire visibility into evolved and subtle cloud threats across the entire management aircraft, which consists of the community parts and functions made use of for cloud workloads.

The assistance leverages both equally the CrowdStrike CNAPP’s agent-dependent (Falcon cloud workload safety) and agentless (Falcon Horizon cloud protection posture management) options, to supply bigger visibility across various clouds, such as Amazon Website Solutions, Azure, and Google Cloud.

“On a single facet, we get agentless details from about 1.2 billion containers using Falcon Horizon,” claims Param Singh, vice president for Falcon Overwatch. “On the other aspect, we have facts from our agents put in by distinctive companies for their endpoints, these types of as Linux servers jogging in the cloud. By combining these collectively, we are in a position to deliver extra successful danger looking.”

CNAPP upgrades enhance container visibility 

Elsewhere, CrowdStrike wants to make improvements to customer visibility into computer software containers to help place vulnerabilities, embedded malware, or saved strategies right before a specific container is deployed. It achieves this by identifying and remediating rogue containers, or by correcting all those which have drifted from their suitable configuration.

Responding to customer desire, CrowdStrike is expanding these capabilties to work with Amazon’s managed, serverless Elastic Container Services (ECS) Fargate, on major of current assist for its Elastic Kubernetes Providers (EKS) Fargate company.

CrowdStrike has also prolonged its picture registry scanning abilities to 8 new container registries, like: Docker Registry 2., IBM Cloud Container Registry, JFrog Artifactory, Oracle Container Registry, Crimson Hat OpenShift, Crimson Hat Quay, Sonatype Nexus Repository, and VMware Harbor Registry.

Finally, CrowdStrike is including computer software part analysis abilities for detecting and remediating vulnerabilities in well-known open source components, like Go, JavaScript, Java, Python, or Ruby dependencies in a customer’s codebase.

Bringing container impression scanning abilities to a escalating array of registries and managed companies should really support discover far more threats and misconfigurations in containerized environments, and assist secure continuous integration, continuous shipping and delivery (CI/CD) pipelines.

Copyright © 2022 IDG Communications, Inc.


Supply website link

Next Post

China, Ukraine crisis slightly dent Microsoft Q4 profits • The Register

[ad_1] Microsoft documented poorer than envisioned fourth quarter outcomes, but however managed to close its FY 2022 alternatively very well. In the fourth quarter of its fiscal 12 months – the three months to June 30 – the Microsoft documented getting a $300 million strike from Chinese Personal computer production […]