- CrowdStrike has released a new threat hunting service called Falcon OverWatch Cloud Threat Hunting to prevent threats in advance within the cloud.
- CrowdStrike’s new hunting service runs 24x7x365 and can stop incidents and breaches while proactively alerting customers to cloud-based attacks.
- Falcon OverWatch Cloud Threat Hunting investigates suspicious and irregular behaviors and attacker tradecraft by leveraging agent-based and agentless Cloud Native Application Protection Platform (CNAPP) capabilities.
An American cybersecurity technology company based in Austin, Texas, CrowdStrike has announced the release of a new threat hunting service called Falcon OverWatch Cloud Threat Hunting. It is a standalone threat hunting service created to prevent advanced threats within the cloud.
A proactive threat hunting service
The rapid adoption of cloud-native architectures have been unfolded new wide attack surfaces, and most of the time security teams are often left without visibility. Or they are left without the required skill sets to hunt continuously for sophisticated threats across these complex cloud environments. As a result, the attackers are finding cloud assets and exploiting them faster than security teams can uncover them.
CrowdStrike’s Falcon OverWatch Cloud Threat Hunting investigates suspicious and irregular behaviors and attacker tradecraft by leveraging agent-based and agentless Cloud Native Application Protection Platform (CNAPP) capabilities. Shawn Henry, CrowdStrike chief security officer and president of CrowdStrike Services said;
«We’re bringing that same leadership to Falcon OverWatch Cloud Threat Hunting – a cloud-specific new service that no other vendor can offer. Organizations gain access to around-the-clock cloud expertise without the costly overhead or requisite investments in hiring, training, and tooling that’s required to succeed in combating adversaries. We believe that Falcon OverWatch Cloud Threat Hunting is a powerful force multiplier for organizations seeking a dedicated service to protect their cloud environments. »
CrowdStrike’s new hunting service operates 24x7x365 and can stop incidents and breaches while proactively alerting customers to cloud-based attacks, including:
- Adversary activity taking place within and across cloud infrastructure for Amazon Web Services (AWS), Google Cloud Platform (GCP), Microsoft Azure, and other cloud service providers.
- Sophisticated hands-on-keyboard activity and zero-days that take advantage and compromise cloud workloads and containers in production.
- Cloud-based IOAs, such as control plane and serverless vulnerabilities, misconfigurations, application behavior anomalies, container escapes, privilege escalations, node compromises, and more.
- Attack paths that first exploit traditional IT assets to gain initial entry and pivot to applications, systems, and data in the cloud.