Cloud Threats Hunted by CrowdStrike Service

By Greg Tavarez

It’s been an unprecedented couple of years for the cloud industry. Digital transformation acceleration, largely driven by the global pandemic and the need to support widespread remote workers, caused the rapid adoption of cloud-native architectures.

Though the benefits have been many, an unintended side effect was the opening of broader attack surfaces, leaving security teams vulnerable without the requisite skill sets to hunt continuously for sophisticated threats across complex cloud environments. As a result, adversaries are finding cloud assets and exploiting them faster than security teams can discover them.

CrowdStrike, a provider of cloud-delivered endpoint, cloud workload, identity and data protection, introduced a standalone threat hunting service for hidden and advanced threats originating, operating or persisting in cloud environments with Falcon OverWatch Cloud Threat Hunting.

Falcon OverWatch Cloud Threat Hunting, with cloud-oriented indicators of attack for the control plane, conducts 24/7 operations. As Falcon OverWatch cloud threat hunters investigate suspicious behaviors and novel attacker tradecraft, the service will prevent incidents and breaches while proactively alerting customers to cloud-based attacks, including:

  • Adversary activity taking place within and across cloud infrastructure for Amazon Web Services, Google Cloud Platform, Microsoft Azure and other cloud service providers.
  • Sophisticated hands-on-keyboard activity and zero-days that take advantage of and compromise cloud workloads and containers in production.
  • Cloud-based IOAs, such as control plane and serverless vulnerabilities, misconfigurations, application behavior anomalies, container escapes, privilege escalations and node compromises.
  • Attack paths that first exploit traditional IT assets to gain initial entry and pivot to applications, systems and data in the cloud.

“CrowdStrike pioneered the concept of blending technology with proactive threat hunting to deliver truly comprehensive protection that closes the gap between detection and response,” said Shawn Henry, CrowdStrike chief security officer and president of CrowdStrike Services. “We’re bringing that same leadership to Falcon OverWatch Cloud Threat Hunting.”

OverWatch delivers results for organizations of all sizes, operating as a seamless extension of the team — minimizing overhead, complexity and cost.




Edited by Erik Linask

MSPToday Editor
