Businesses are under fire in the cloud with a 75% rise in cloud intrusions reported over the past year, according to cybersecurity firm CrowdStrike’s 2024 Global Threat Report. Attackers are exploiting weaknesses in how organizations secure their cloud environments. One tactic gaining traction is identity-based attacks. These attacks target employee credentials or misconfigured access privileges to gain a foothold within a system.
Compounding the problem is a lack of clear visibility across cloud platforms. Many organizations rely on a patchwork of security tools, which creates gaps that attackers can exploit. Additionally, there's a growing shortage of cybersecurity professionals with the specific skills needed to secure cloud environments effectively. This "cloud security skills gap" delays an organization's ability to detect and respond to threats.
The message for businesses is clear: Shore up your cloud defenses.
CrowdStrike announced new capabilities for its Cloud Detection and Response (CDR) service. These enhancements integrate threat hunting with extensive visibility across cloud infrastructure, user identities and endpoints. This broadened perspective will expedite threat detection and response throughout all phases of a cloud attack.
As highlighted in the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) Cyber Safety Review Board report, the summer 2023 breach of Microsoft Exchange Online was "avoidable and should never have happened." Attackers frequently use identity-based tactics to infiltrate customer cloud environments. The security lapse identified in the CSRB report underscores the critical importance of proactively detecting and responding to cloud attacks, particularly within Microsoft Azure deployments.
So naturally, the initial focus is on Microsoft Azure. The improved CDR offering grants deeper visibility into cloud control plane activity. What this will do is boost existing threat hunting within cloud runtime environments.
CrowdStrike's unified platform approach also let's cloud threat hunters proactively monitor and prevent compromised user accounts and credentials from being exploited in cloud attacks.
Additionally, the unified, AI-powered CrowdStrike Falcon platform allows CrowdStrike cloud threat hunters to track lateral movement from the cloud to endpoints. This makes for swift response and actionable insights for decisive remediation.
This release also positions CrowdStrike among others at the summit in the CDR space. The combination of the company's proven 24/7 threat hunting expertise and its industry-defining Cloud Native Application Protection Platform, or CNAPP, establishes a new standard for CDR. This improved visibility equips organizations to halt cloud breaches, even when threats spread laterally from the cloud to endpoints.
“CrowdStrike pioneered EDR, we established MDR before it was a category, and now we’re setting the standard for what CDR delivers and can do for customers,” said Michael Sentonas, President at CrowdStrike. “The combination of CrowdStrike’s cloud threat hunting services and comprehensive CNAPP provides a powerful force multiplier for Cloud SecOps teams to consolidate tools, close gaps in visibility and deliver the security outcome that matters most – stopping the breach."
Edited by
Alex Passett
