With Falcon OverWatch Cloud Threat Hunting, organizations gain access to an elite team of threat hunters to stop breaches in cloud environments
CrowdStrike (Nasdaq: CRWD), a leader in cloud-delivered protection of endpoints, cloud workloads, identity and data, today introduced Falcon OverWatch Cloud Threat Hunting, the industry’s first standalone threat hunting service for hidden and advanced threats originating, operating or persisting in cloud environments. Armed with the industry’s first cloud-oriented indicators of attack (IOAs) for the control plane and detailed adversary tradecraft, OverWatch Cloud Threat Hunting delivers unparalleled visibility into cloud environments to observe and disrupt the most sophisticated cloud threats.
Rapid adoption of cloud-native architectures have opened up new, broader attack surfaces, and security teams are often left in the dark without visibility or the requisite skill sets to hunt continuously around the clock for sophisticated threats across these complex cloud environments. As a result, adversaries are finding cloud assets and exploiting them faster than security teams can discover them.
Leveraging CrowdStrike’s agent-based and agentless Cloud Native Application Protection Platform (CNAPP) capabilities, Falcon OverWatch cloud threat hunters investigate suspicious and anomalous behaviors and novel attacker tradecraft. Falcon OverWatch Cloud Threat Hunting conducts 24x7x365 operations and can prevent incidents and breaches while proactively alerting customers to cloud-based attacks, including:
- Adversary activity taking place within and across cloud infrastructure for Amazon Web Services (AWS), Google Cloud Platform (GCP), Microsoft Azure and other cloud service providers.
- Sophisticated hands-on-keyboard activity and zero-days that take advantage and compromise cloud workloads and containers in production.
- Cloud-based IOAs, such as control plane and serverless vulnerabilities, misconfigurations, application behavior anomalies, container escapes, privilege escalations, node compromises and more.
- Attack paths that first exploit traditional IT assets to gain initial entry and pivot to applications, systems and data in the cloud.
“CrowdStrike pioneered the concept of blending industry-leading technology with proactive threat hunting to deliver truly comprehensive protection that closes the gap between detection and response,” said Shawn Henry, CrowdStrike chief security officer and president of CrowdStrike Services. “We’re bringing that same leadership to Falcon OverWatch Cloud Threat Hunting – a cloud-specific new service that no other vendor can offer. Organizations gain access to around-the-clock cloud expertise without the costly overhead or requisite investments in hiring, training and tooling that’s required to succeed in combating adversaries. We believe that Falcon OverWatch Cloud Threat Hunting is a powerful force multiplier for organizations seeking a dedicated service to protect their cloud environments.”
“Elite threat hunting skills are hard to find and retain, and Falcon OverWatch has truly been a seamless extension of our security team to see and stop sophisticated cloud threats,” said Michael Sherwood, CIO for the City of Las Vegas. “As we move away from physical hardware and more to virtual and cloud-based systems, we are looking for partners who have the skills and technology to support that transition. CrowdStrike has enabled us to make these shifts securely – marrying automation with human intelligence to deliver effective, real-time threat prevention.”
“Cloud complexity isn't slowing down and the attack surface keeps growing exponentially – something adversaries have taken advantage of,” said Craig Robinson, Research Vice President, Security Services at IDC. “Having the right technology and processes in place are two legs of the cybersecurity stool, but organizations also need the right expertise as the third leg to combat sophisticated cloud threats.”
For additional information on Falcon OverWatch Cloud Threat Hunting, please visit our website.
About CrowdStrike
CrowdStrike (Nasdaq: CRWD), a global cybersecurity leader, has redefined modern security with one of the world’s most advanced cloud-native platforms for protecting critical areas of enterprise risk – endpoints and cloud workloads, identity and data.
Powered by the CrowdStrike Security Cloud and world-class AI, the CrowdStrike Falcon® platform leverages real-time indicators of attack, threat intelligence, evolving adversary tradecraft and enriched telemetry from across the enterprise to deliver hyper-accurate detections, automated protection and remediation, elite threat hunting and prioritized observability of vulnerabilities.
Purpose-built in the cloud with a single lightweight-agent architecture, the Falcon platform delivers rapid and scalable deployment, superior protection and performance, reduced complexity and immediate time-to-value.
CrowdStrike: We stop breaches.
Learn more: https://www.crowdstrike.com/
Follow us: Blog | Twitter | LinkedIn | Facebook | Instagram
Start a free trial today: https://www.crowdstrike.com/free-trial-guide/
© 2022 CrowdStrike, Inc. All rights reserved. CrowdStrike, the falcon logo, CrowdStrike Falcon and CrowdStrike Threat Graph are marks owned by CrowdStrike, Inc. and registered with the United States Patent and Trademark Office, and in other countries. CrowdStrike owns other trademarks and service marks, and may use the brands of third parties to identify their products and services.
View source version on businesswire.com: https://www.businesswire.com/news/home/20220726005395/en/
Contacts
Kevin Benacci
CrowdStrike Corporate Communications
press@crowdstrike.com