Falcon Horizon CSPM

CLOUD DISCOVERY AND VISIBILITY

• Single source of truth: Get up and running in minutes and access a single source of truth for all cloud assets and security configurations across multi- cloud environments and accounts.
• See everything: Discover cloud resources and details automatically upon deployment, including misconfigurations, metadata, networking, security, access control and change activity, and eliminate security blind spots.
• Simplified management and security policy enforcement: Manage and enforce security group policies across accounts, projects, regions and virtual networks from a single console to reduce the attack surface.
• Monitor the control plane: Scale at will and gain insight into all control plane API calls and uncover security risks within managed Kubernetes clusters.
• Identify unprotected resources: Identify cloud resources not protected by Falcon and take immediate action.
• Supported Services: To see a complete list of all monitored services click here.

Read The Blog

Real-Time Threat Detection

• Accelerate response: Reduce the time it takes to detect and mitigate a breach from months to minutes with an adversary-focused approach that cuts through the noise with 50 out-of-the-box IOA policies designed to stop breaches save time and allow DevSecOps teams to take the most effective action.
• Confidence scoring and prioritization: Falcon Horizon’s patent-pending Confidence Scoring continuously aggregates, assesses and scores control plane threats and configurations to accurately identify malicious activity, reducing the time to understand and respond.
• IOA for cloud with Integrated threat intelligence: Delivers real-time alerting and reporting on 150+ cloud adversaries based on CrowdStrike’s market leading threat intelligence and research, for more effective response.
• Continuous control plane threat detection: Provides ML and behavior-based TTP/IOA detections and guided remediation for all cloud accounts, services and users across the cloud estate and improves investigation speed by up to 88%.
• Self-service threat hunting: Provides cloud-scale data and analytics for all cloud activity, enabling security teams to proactively uncover hidden threats and take action.

Learn More

DEVSECOPS INTEGRATION

• Improve decision making: With SIEM integration, streamline visibility for security operations and provide insights and context into misconfigurations and policy violations for faster incident response.
• Integrate at the speed of DevOps: Using the single API, achieve faster integration and remediation within the DevOps and collaboration tools you already use, such as email, Slack, PagerDuty and more.
• Fuel business performance: Through reporting and dashboards, drive alignment and a shared understanding across security operations, DevOps and infrastructure teams.

DevOps & Cloud-Native

Click the links below to visit the CrowdStrike Integration Center

• Go Falcon CS GoLang OAuth2 API SDK
• Falcon Py CS Python OAuth2 API SDK
• PS Falcon CS Powershell OAUTH2 API SDK
• Kubectl-Falcon: Plug-in to kubectl command-line tool
• Falcon Helm: Falcon Helm Chart and the Helm Operator are designed to deploy and manage the Falcon sensor
• Falcon Operator: Simplifies building container applications
• AWS Guard Duty