Cloud Threats Hunted by CrowdStrike Service


By Greg Tavarez

It’s been an unprecedented couple of years for the cloud industry. Digital transformation acceleration, largely driven by the global pandemic and the need to support widespread remote workers, caused the rapid adoption of cloud-native architectures.

Though the benefits have been many, an unintended side effect was the opening of broader attack surfaces, leaving security teams vulnerable without the requisite skill sets to hunt continuously for sophisticated threats across complex cloud environments. As a result, adversaries are finding cloud assets and exploiting them faster than security teams can discover them.

CrowdStrike, a provider of cloud-delivered endpoint, cloud workload, identity and data protection, introduced a standalone threat hunting service for hidden and advanced threats originating, operating or persisting in cloud environments with Falcon OverWatch Cloud Threat Hunting.

Falcon OverWatch Cloud Threat Hunting, with cloud-oriented indicators of attack for the control plane, conducts 24/7 operations. As Falcon OverWatch cloud threat hunters investigate suspicious behaviors and novel attacker tradecraft, the service will prevent incidents and breaches while proactively alerting customers to cloud-based attacks, including:

  • Adversary activity taking place within and across cloud infrastructure for Amazon Web Services, Google Cloud Platform, Microsoft Azure and other cloud service providers.
  • Sophisticated hands-on-keyboard activity and zero-days that take advantage of and compromise cloud workloads and containers in production.
  • Cloud-based IOAs, such as control plane and serverless vulnerabilities, misconfigurations, application behavior anomalies, container escapes, privilege escalations and node compromises.
  • Attack paths that first exploit traditional IT assets to gain initial entry and pivot to applications, systems and data in the cloud.

“CrowdStrike pioneered the concept of blending technology with proactive threat hunting to deliver truly comprehensive protection that closes the gap between detection and response,” said Shawn Henry, CrowdStrike chief security officer and president of CrowdStrike Services. “We’re bringing that same leadership to Falcon OverWatch Cloud Threat Hunting.”

OverWatch delivers results for organizations of all sizes, operating as a seamless extension of the team — minimizing overhead, complexity and cost.

Edited by Erik Linask

MSPToday Editor
