Cloud Threats Hunted by CrowdStrike Service


Cloud Threats Hunted by CrowdStrike Service

By Greg Tavarez

It’s been an unprecedented couple of years for the cloud industry.  Digital transformation acceleration, largely driven by the global pandemic and the need to support widespread remote workers, caused the rapid adoption of cloud-native architectures.

Though the benefits have been many, and unintended side effect was the opening of broader attack surfaces, leaving security teams vulnerable without the requisite skill sets to hunt continuously for sophisticated threats across complex cloud environments. As a result, adversaries are finding cloud assets and exploiting them faster than security teams can discover them.

CrowdStrike, a provider of cloud-delivered endpoint, cloud workload, identity and data protection, introduced a standalone threat hunting service for hidden and advanced threats originating, operating or persisting in cloud environments with Falcon OverWatch Cloud Threat Hunting.

Falcon OverWatch Cloud Threat Hunting, with cloud-oriented indicators of attack for the control plane, conducts 24/7 operations. As Falcon OverWatch cloud threat hunters investigate suspicious behaviors and novel attacker tradecraft, the service will prevent incidents and breaches while proactively alerting customers to cloud-based attacks, including:

  • Adversary activity taking place within and across cloud infrastructure for Amazon Web Services, Google Cloud Platform, Microsoft Azure and other cloud service providers.
  • Sophisticated hands-on-keyboard activity and zero-days that take advantage and compromise cloud workloads and containers in production.
  • Cloud-based IOAs, such as control plane and serverless vulnerabilities, misconfigurations, application behavior anomalies, container escapes, privilege escalations and node compromises.
  • Attack paths that first exploit traditional IT assets to gain initial entry and pivot to applications, systems and data in the cloud.

“CrowdStrike pioneered the concept of blending technology with proactive threat hunting to deliver truly comprehensive protection that closes the gap between detection and response,” said Shawn Henry, CrowdStrike chief security officer and president of CrowdStrike Services. “We’re bringing that same leadership to Falcon OverWatch Cloud Threat Hunting.”

OverWatch delivers results for organizations of all sizes, operating as a seamless extension of the team — minimizing overhead, complexity and cost.

Edited by Erik Linask

MSPToday Editor

Related Articles

BackBox Changes Automation Tool Use Through SaaS Network Automation Platform

By: Greg Tavarez    8/8/2022

BackBox, the network automation, security and management provider released the latest version of the Backbox Automation Platform to add cloud-based Sa…

Read More

Branded vs White-Label: Can Your White-Label MSP Handle the Service Calls?

By: Bill Yates    8/8/2022

Should you put your MSP's name on the products you sell? Or are you better off selling products with the vendor's brand?

Read More

Deploy Analytics Anywhere with Analytics Plus from ManageEngine

By: Greg Tavarez    8/5/2022

ManageEngine is offering its IT analytics product, Analytics Plus, as a SaaS offering to enable users to set up a fully functional, integrated analyti…

Read More

Nomosphère Brings Wi-Fi from Cambium Networks to CASVP

By: Stefania Viscusi    8/5/2022

Nomosphère will be providing Cambium Networks wireless networking solutions to its 294 locations across Paris.

Read More

Why MSPs Should Undergo Valuation Every Year

By: Bill Yates    8/5/2022

In an industry rip with acquisition, MSPs should prepare for every opportunity and undergo a valuation annually.

Read More