How CrowdStrike Provides Visibility for Cloud Security

Introduction

With the rapid adoption of cloud deployments, many organizations are struggling to implement consistent security standards. This document and video will demonstrate how CrowdStrike’s purpose built solutions give organizations multi-cloud visibility and reporting to streamline the security of their multi-cloud deployments.

Video

Cloud Workload Discovery and Reporting

CrowdStrike’s Cloud Workload Protection provides automatic discovery of cloud workloads with easy to reference dashboards. Shown below, the main dashboard includes various statistics regarding instances and cloud presence across the different providers along with security insights like sensor coverage and high risk ports. Each chart area is clickable, and individual provider dashboards are available for more focused information.

As an example, the GCP dashboard reflects similar statistics based strictly on Google instances. This page includes the ability to search and sort the discovered compute instances based on management status and state. There are also options to use attributes like firewall ID, global accessibility, port and network to find instances and prioritize potential security issues.

In addition to reporting by cloud provider, CrowdStrike also delivers dashboards specific to container workloads – an important aspect of many cloud strategies. As containers tend to have short lifespans, having this sustained visibility into usage patterns, configurations and images is a valuable security tool.

Cloud Security Posture Management

Falcon Horizon, CrowdStrike’s Cloud Security Posture Management solution, uses frequent assessments to provide real time information on the configuration of cloud workloads. The results of those assessments are then reported in easy to read charts on the main dashboard. The dashboard can be filtered to hone in on a specific severity level, account, or region as well as results of historical assessments. The clickable charts enable breakdowns by region, account and policy providing easy access to the supporting details including recommended steps to remediate potential security issues. The dashboard also includes an illustration of trends for each service. 

Cloud Account Registration

Cloud accounts can be registered directly in the Falcon user interface for AWS, Azure and Google Cloud.

As shown below, AWS registration can be done individually, in batches, or through an organization ID.

Closing

As a cloud native solution provider, CrowdStrike understands that identifying and monitoring dynamic cloud workloads is critical to improving overall security. Leveraging expertise and years of experience with public cloud deployments, CrowdStrike has developed solutions that deliver easy to use visibility and reporting to help organizations discover, understand and secure these rapidly evolving and dynamic workloads.

More resources

 

CrowdStrike Falcon Free Trial
 

Try CrowdStrike Free for 15 Days Get Started with A Free Trial