CrowdStrike (Nasdaq: CRWD), a pacesetter in cloud-delivered coverage of endpoints, cloud workloads, identification and information, these days introduced robust new Cloud Local Utility Coverage Platform (CNAPP) functions that construct on its main agent-based and agentless method. Those improvements to CrowdStrike Cloud Safety prolong enhance to Amazon Elastic Container Carrier (ECS) inside AWS Fargate, enlarge symbol registry scanning for 8 new container registries and allow Device Composition Research (SCA) for open-source device.
Bins have modified how packages are constructed, examined and used, enabling them to be right away deployed at scale for any atmosphere. As container adoption will increase, it’s important that organizations have get entry to to equipment that supply higher visibility into their containerized packages so they may be able to perform extra protected. With enhance for Amazon ECS along up to now present enhance for Amazon Elastic Kubernetes Carrier (Amazon EKS), organizations have get entry to to extra safety equipment to control their AWS Fargate atmosphere.
“Through moving left and proactively assessing boxes, CrowdStrike shoppers will be capable to establish any vulnerabilities, embedded malware, or saved secrets and techniques earlier than they’re deployed. A lot of our shoppers depend on AWS as they modernize their IT infrastructure, making it important to enlarge our enhance to services and products like Amazon ECS,” mentioned Amol Kulkarni, leader product and engineering officer at CrowdStrike. “We stay up for proceeding to paintings with AWS to enhance our buyer.”
Handiest CrowdStrike delivers agentless and agent-based CNAPP functions thru a unified, built-in platform. With this unencumber, CrowdStrike extends those functions to incorporate:
Reinforce for AWS Fargate with Amazon ECS: Carry further safety controls to container environments through figuring out rogue boxes and waft detection. This capacity extends capability already to be had for AWS Fargate with Amazon EKS.
Symbol registry scanning for Docker Registry 2.0, IBM Cloud Container Registry, JFrog Artifactory, Oracle Container Registry, Pink Hat OpenShift, Pink Hat Quay, Sonatype Nexus Repository and VMware Harbor Registry: Allow the identity of hidden threats and configuration problems in boxes to cut back the assault floor and protected steady integration (CI)/steady supply (CD) pipelines. This capacity extends present capability for Amazon Elastic Container Registry (ECR), Docker Registry and further cloud registries.
“Given the rising adoption of open supply and boxes, organizations are in quest of a CNAPP that allows them to achieve complete visibility into their construction pipeline. It encourages a DevSecOps tradition, the place builders incorporate safety as a part of their day-to-day workflow,” mentioned Doug Cahill, vice chairman, analyst services and products and senior analyst at Undertaking Technique Staff (ESG). “The addition of SCA and the growth of latest container registries inside its symbol registry scanning device are compelling additions to Crowdstrike’s CNAPP providing.”
CrowdStrike’s adversary-focused technique to CNAPP supplies each agent-based (Falcon CWP) and agentless (Falcon Horizon – CSPM) answers delivered from the Falcon platform. This provides organizations the versatility important to resolve how highest to protected their cloud packages around the steady integration/steady supply (CI/CD) pipeline and cloud infrastructure throughout AWS and different cloud suppliers. The additional benefit of an agent-based CWP resolution is that it allows preruntime and runtime coverage, in comparison to agentless-only answers that solely be offering partial visibility and absence remediation functions.