Cloud Security Posture Management with CrowdStrike

Introduction

As companies expand their use of public cloud infrastructure, not only does the attack surface grow so does the risk of human error and misconfigurations. This document and video will demonstrate how CrowdStrike’s Falcon Horizon provides cloud security posture management to help organizations identify security issues and indicators of misconfiguration across their own cloud deployments.

Video

Monitor for Misconfigurations

As part of Falcon Horizon, CrowdStrike has developed policies for various cloud services that can be monitored and reported in the Falcon user interface. On the policies tab, there is a menu of services for each cloud provider. Filtering by provider displays the applicable services and policies as well as the corresponding service subtypes.

For each policy, additional details are available including description, alert logic and MITRE context to help organizations understand potential risks and make informed policy choices. Organizations also have the ability to assign a customized severity to each policy and enable only those that apply within their specific environment.

Prioritize Findings

Once cloud accounts are registered and the assessments are scheduled, CrowdStrike will report the detailed findings in the same, easy to use interface. The main dashboard provides an overview of the assessment findings across all of the registered cloud accounts. The results can be filtered by provider as well as severity, account, and region. By default, the dashboard reflects the most recent assessment, but menu options are available to quickly reference historical results.

Each chart area is clickable, providing easy access to the supporting details. Drilling down on a policy or service takes you to the assessment results. The specific policy findings can be sorted based on account, region and service. From this page, there are also pull down menus available to change the filtered view or select a different, historical assessment.

Remediate Misconfigurations

For each policy, CrowdStrike also provides the detailed information needed to take action and resolve any issues. These details include the ability to sort and identify impacted instances by state, platform and management status. This list can be used along with the provided remediation steps to get these findings resolved.

On the dashboard, there is also an illustration of trends per service. This shows the number of findings per day to track progress over time as these identified issues are resolved.

Closing

Falcon Horizon provides visibility and assessment of multi-cloud deployments so that organizations can effectively monitor and report on these rapidly evolving and dynamic workloads. Streamlining security throughout the development lifecycle enables secure deployment of applications in the cloud with greater speed and efficiency.

More resources

 

CrowdStrike Falcon Free Trial
 

Try CrowdStrike Free for 15 Days Get Started with A Free Trial