Back to Tech Center

How to Secure Amazon EC2 with Falcon Horizon

November 16, 2021

Tech Center
CrowdStrike Tech Center


A number of high profile breaches have been traced back to human errors and misconfiguration within public cloud infrastructure. CrowdStrike’s Cloud Security Posture Management solution, Falcon Horizon, provides monitoring of public cloud services to help organizations proactively identify and resolve potential issues with these growing deployments.


Cloud Security Policies for AWS EC2

Under the policies tab, there is a comprehensive list of supported services for each cloud provider.

cspm policies providers

Specifically for AWS, one of the most leveraged services is Amazon Elastic Compute Cloud or EC2. EC2 allows users to launch as many or as few virtual servers needed, configure security and networking, and manage storage. Given EC2 is a core AWS service, CrowdStrike offers a number of different policies to ensure the security of those instances. Some of those policies monitor for misconfigurations while other look for indicators of attack or malicious behaviors.

cspm ec2 policies

For policies that correlate to compliance benchmarks, the links present additional information about the different compliance regulations including the rationale statement and audit procedure. However, CrowdStrike’s CSPM policies are not limited to compliance. For EC2, CrowdStrike goes on to offer a number of additional policies that look beyond compliance requirements. 

Policy Findings and Remediation

Once the policies are enabled and the assessments are scheduled, the main dashboard presents the assessment findings. In this example, filtering the dashboard to focus on AWS reveals configuration findings for EC2 as well as a behavior finding.

cspm ec2 dashboard

Drilling down on EC2 through the “Top 10 Service Misconfigurations” chart displays the complete summary of those findings along with severity information.

cspm ec2 findings

By clicking on an individual policy, organizations can get all of the information they need to take action.  With the details of the impacted instances and the recommended remediation steps, the issue can be quickly resolved.

cspm ec2 details


Falcon Horizon delivers visibility and assessment of public cloud deployments to quickly identify and remediate potential configuration and behavioral issues. With CrowdStrike, organizations can leverage the power of multi-cloud environments while also ensuring the security of cloud deployed applications and data.

More resources

Related Content