CrowdStrike enhances container visibility and threat hunting capabilities

Cloud-indigenous stability service provider CrowdStrike has launched a cloud menace hunting service termed Falcon Overwatch, whilst also adding better container visibility capabilities to its Cloud Native Application Safety Platform (CNAPP).

Falcon Overwatch contains agent and agentless menace looking

Falcon Overwatch is a standalone risk searching support that utilizes CrowdStrike’s cloud-oriented indicators of assault to get visibility into progressed and sophisticated cloud threats across the whole regulate plane, which incorporates the community factors and features employed for cloud workloads.

The support leverages both equally the CrowdStrike CNAPP’s agent-dependent (Falcon cloud workload safety) and agentless (Falcon Horizon cloud security posture management) methods, to give better visibility throughout several clouds, such as Amazon World wide web Services, Azure, and Google Cloud.

“On 1 aspect, we obtain agentless data from around 1.2 billion containers employing Falcon Horizon,” states Param Singh, vice president for Falcon Overwatch. “On the other facet, we have knowledge from our agents mounted by distinct businesses for their endpoints, this kind of as Linux servers working in the cloud. By combining these collectively, we are ready to provide additional successful risk looking.”

CNAPP updates improve container visibility 

Somewhere else, CrowdStrike wishes to boost client visibility into software package containers to aid spot vulnerabilities, embedded malware, or stored tricks in advance of a distinct container is deployed. It achieves this by identifying and remediating rogue containers, or by correcting these which have drifted from their ideal configuration.

Responding to customer demand from customers, CrowdStrike is growing these capabilties to perform with Amazon’s managed, serverless Elastic Container Services (ECS) Fargate, on best of current guidance for its Elastic Kubernetes Products and services (EKS) Fargate service.

CrowdStrike has also prolonged its image registry scanning capabilities to eight new container registries, which includes: Docker Registry 2., IBM Cloud Container Registry, JFrog Artifactory, Oracle Container Registry, Crimson Hat OpenShift, Crimson Hat Quay, Sonatype Nexus Repository, and VMware Harbor Registry.

Ultimately, CrowdStrike is introducing application element investigation capabilities for detecting and remediating vulnerabilities in well-known open source elements, including Go, JavaScript, Java, Python, or Ruby dependencies in a customer’s codebase.

Bringing container image scanning abilities to a escalating vary of registries and managed products and services should really support determine a lot more threats and misconfigurations in containerized environments, and aid protected steady integration, ongoing delivery (CI/CD) pipelines.