Cloud-native safety supplier CrowdStrike has launched a cloud risk looking service known as Falcon Overwatch, whereas additionally including better container visibility capabilities to its Cloud Native Software Safety Platform (CNAPP).
Falcon Overwatch contains agent and agentless risk looking
Falcon Overwatch is a standalone risk looking service that makes use of CrowdStrike’s cloud-oriented indicators of assault to achieve visibility into developed and complex cloud threats throughout all the management aircraft, which incorporates the community parts and features used for cloud workloads.
The service leverages each the CrowdStrike CNAPP’s agent-based (Falcon cloud workload safety) and agentless (Falcon Horizon cloud safety posture administration) options, to offer better visibility throughout a number of clouds, together with Amazon Internet Companies, Azure, and Google Cloud.
“On one aspect, we obtain agentless information from over 1.2 billion containers utilizing Falcon Horizon,” says Param Singh, vp for Falcon Overwatch. “On the opposite aspect, we’ve got information from our brokers put in by totally different organizations for his or her endpoints, similar to Linux servers operating within the cloud. By combining these collectively, we’re capable of ship more practical risk looking.”
CNAPP upgrades enhance container visibility
Elsewhere, CrowdStrike needs to enhance buyer visibility into software program containers to assist spot vulnerabilities, embedded malware, or saved secrets and techniques earlier than a selected container is deployed. It achieves this by figuring out and remediating rogue containers, or by correcting these which have drifted from their excellent configuration.
Responding to buyer demand, CrowdStrike is increasing these capabilties to work with Amazon’s managed, serverless Elastic Container Companies (ECS) Fargate, on high of present help for its Elastic Kubernetes Companies (EKS) Fargate service.
CrowdStrike has additionally prolonged its picture registry scanning capabilities to eight new container registries, together with: Docker Registry 2.0, IBM Cloud Container Registry, JFrog Artifactory, Oracle Container Registry, Pink Hat OpenShift, Pink Hat Quay, Sonatype Nexus Repository, and VMware Harbor Registry.
Lastly, CrowdStrike is including software program element evaluation capabilities for detecting and remediating vulnerabilities in widespread open supply parts, together with Go, JavaScript, Java, Python, or Ruby dependencies in a buyer’s codebase.
Bringing container picture scanning capabilities to a rising vary of registries and managed companies ought to assist establish extra threats and misconfigurations inside containerized environments, and assist safe steady integration, steady supply (CI/CD) pipelines.
Copyright © 2022 IDG Communications, Inc.
