Back to Tech Center

How to Monitor Compliance with Falcon Horizon

March 19, 2021

CrowdStrike Tech Center

Introduction

The adoption of public cloud infrastructure has resulted in a larger attack surface and different types of security risk. A large percentage of breaches involving cloud deployments can be traced back to issues with human error and misconfiguration. As a result, organizations like the Center for Internet Security (CIS) have developed best practices and guidelines to help companies hold themselves accountable and protect cloud deployed applications and data.

Video

Falcon Horizon Compliance Dashboards

CrowdStrike’s CSPM solution, Falcon Horizon, delivers visibility and assessment of multi-cloud deployments while also reporting compliance status for CIS benchmarks. Directly from the Falcon Horizon user interface, there is a menu option to open compliance dashboards for each supported cloud provider.

CSPM compliance menu

The dashboard reflects assessment findings with a direct correlation to CIS benchmarks. There are breakdowns by severity, benchmark, service and account. Each chart area is clickable providing fast access to the supporting details. In this AWS example, there are eleven total findings across four different services. The majority represent benchmarks related to AWS Foundations, while others fall into the AWS Web Architecture category.

CSPM AWS Compliance

The Azure dashboard is shown below with fifteen total findings across six services and five different benchmarks.

CSPM Azure Dashboard

Detailed Compliance Findings

The supporting details are included below the charts. They can be filtered by clicking a chart area or using the filter options shown below. From this page, each line item links to the specific findings.

CSPM Compliance details for AWS

Along with the individual findings, CrowdStrike provides the remediation steps along with links to policy details, provider documentation and the CIS benchmark information to inform and enable organizations to take action to correct misconfigurations and errors.

Compliance policy details

CIS Benchmark Documentation

Both the “Details” link on the dashboard and the numeric link on the findings page (shown above) can be used to view the more complete explanation on the CIS benchmarks. In addition to description, rationale and impact statements, the details include both audit and remediation procedures.

CSPM CIS Benchmarks

Conclusion

The use of public cloud infrastructure increases an organization’s attack surface as well as risk around human error, misconfigurations and compliance issues. Falcon Horizon not only delivers mutli-cloud visibility and assessment, but also easy to reference dashboards and documentation specifically developed to help companies measure and achieve compliance targets.

More resources

Related Content

TRY CROWDSTRIKE FREE FOR 15 DAYS

GET STARTED WITH A FREE TRIAL