Falcon Horizon CSPM
CrowdStrike Falcon® Horizon CSPM streamlines cloud security posture management across the application development lifecycle for multi-cloud environments, enabling you to securely deploy applications in the cloud with greater speed and efficiency.
Download Data Sheet
Benefits
See More, Know More, Do More with Falcon Horizon
-
![Unify visibility and control across multi-cloud environments:]()
Unify visibility and control across multi-cloud environments:
Falcon Horizon delivers continuous discovery and visibility of cloud-native assets providing valuable context and insights into the overall security posture and the actions required to prevent potential security incidents.
-
![triage icon]()
Prevent cloud misconfigurations and eliminate compliance violations
Falcon Horizon provides intelligent monitoring of cloud resources to detect misconfigurations, vulnerabilities and security threats, along with guided remediation to resolve security risks and enable developers with guardrails to avoid costly mistakes.
-
![complex icon]()
Reduce alert fatigue with targeted threat detection
Falcon Horizon continuously monitors for anomalies and suspicious activity, and integrates seamlessly with SIEM solutions enabling security teams to gain visibility, prioritize threats, reduce alert fatigue by eliminating noise, and respond and fix issues faster.
Features
CLOUD SECURITY MADE SIMPLE
PROTECT, OPTIMIZE AND COMPLY
CLOUD DISCOVERY AND VISIBILITY
- Provides a single source of truth for cloud assets and security configurations across multi-cloud environments and accounts.
- Discover cloud resources and details automatically upon deployment, including misconfigurations, metadata, networking, security, access control, and change activity.
- Manage security group policies across accounts, projects, regions and virtual networks from a single console.
- Gain insight into all control plane API calls and uncover security risks within managed Kubernetes clusters.
- Identify unprotected cloud resources.
- To see a complete list of all monitored services click here.
MISCONFIGURATION MANAGEMENT & ONE-CLICK REMEDIATION
- Compare cloud application configurations to industry and organizational benchmarks, to identify violations and remediate in real time.
- Fix issues that leave cloud resources exposed, such as misconfigurations, open IP ports and unauthorized modifications with guided remediation and guardrails that enable developers to avoid critical mistakes.
- Monitor storage to ensure permissions are secure and not publicly accessible.
- Prevent users from putting your organization at risk by automating the detection and remediation of identity-based risks in Azure.
- Ensure Azure AD groups, users, and apps have the correct permissions using the new Identity Analyzer reports.
- Remediate issues faster and reduce alert fatigue with enhanced policy management for cloud accounts, regions or specific resources.
- Monitor database instances and verify that high availability, backups, and encryption are enabled, as well as security groups to limit exposure.
Real-Time Threat Detection
- Targeted threat identification and management approach cuts through the noise of multi-cloud environment security alerts.
- Drastically reduces the number of alerts by focusing on areas adversaries are most likely to exploit.
- Prioritizes vulnerabilities based on your environment and prevents vulnerable code from reaching production.
- Real-time threat detection that continuously monitors for malicious activity, unauthorized behavior and access to cloud resources.
CONTINUOUS COMPLIANCE MONITORING
- Continuously monitor the compliance posture of all of your cloud resources from a single console.
- CIS benchmark assurance provides detailed reporting, enabling you to assess the security of cloud accounts against Docker and Kubernetes CIS benchmarks.
- Identify policy violations and take immediate user-driven action to remediate.
DEVSECOPS INTEGRATION
- Centralizes visibility and control over cloud resources arming DevSecOps teams with a single source of truth.
- Enables security teams to prevent compromised assets from progressing down the application lifecycle.
- Streamlines visibility for security operations and provides insights and context for misconfigurations and policy violations.
- Integrate, remediate and respond faster within the DevOps tool sets you already use.
- Offers reporting and dashboards that drive alignment and a shared understanding across security operations, DevOps and infrastructure teams.
CLOUD INTEGRATIONS
Optimize your investments and get started faster
Cloud Security Posture Management
Click the links below to visit the CrowdStrike Integration Center
DevOps & Cloud-Native
Click the links below to visit the CrowdStrike Integration Center
- Go Falcon CS GoLang OAuth2 API SDK
- Falcon Py CS Python OAuth2 API SDK
- PS Falcon CS Powershell OAUTH2 API SDK
- Kubectl-Falcon: Plug-in to kubectl command-line tool
- Falcon Helm: Falcon Helm Chart and the Helm Operator are designed to deploy and manage the Falcon sensor
- Falcon Operator: Simplifies building container applications
- AWS Guard Duty
ADDITIONAL CLOUD SECURITY SOLUTIONS
-
![triage icon]()
Falcon Cloud Workload Protection
Provides comprehensive breach protection across private, public, hybrid and multi-cloud environments, allowing customers to rapidly adopt and secure technology across any workload.
-
![Container Security]()
Container Security
The Falcon platform and intelligent, lightweight Falcon agent offer unparalleled protection and real-time visibility. Specifically tailored for containers, Falcon provides detailed insight into both the host and container-specific data and events.
-
![resources icon]()
Cloud Security Assessment
Test and evaluate your cloud infrastructure to determine if the appropriate levels of security and governance have been implemented to counter inherent security challenges.
Product Validation
Customers That Trust CrowdStrike
Third-Party Validation
Since 2016, CrowdStrike has demonstrated a strong commitment to continuous industry collaboration, scrutiny, and testing. Time and time again, CrowdStrike has been independently certified to replace legacy solutions.
-
![[For Modules Only] 2019 GARTNER MAGIC QUADRANT (MQ) FOR ENDPOINT PROTECTION PLATFORMS (EPP)]()
Positioned as a Leader
Download this complimentary report to learn the analysis behind CrowdStrike’s positioning as a Leader and what CrowdStrike believes it could mean for your organization’s cybersecurity posture.
-
![[For Modules Only] THE FORRESTER WAVE: ENDPOINT SECURITY SUITES, Q3 2019]()
Named a Leader
Read this critical report to learn why CrowdStrike was named a “Leader” in the 2019 Forrester Wave with the top ranking in strategy and high scores in 17 criteria.
-
![[For Modules Only] Gartner Critical Capabilities]()
HIGHEST SCORE FOR TYPE A
Learn why CrowdStrike scores highest overall out of 20 vendors for use case Type A or “forward leaning” organizations.
![[For Modules Only] 2019 GARTNER MAGIC QUADRANT (MQ) FOR ENDPOINT PROTECTION PLATFORMS (EPP)](https://www.crowdstrike.com/wp-content/uploads/2019/10/Gartner_logo.png){kind=logo}
![[For Modules Only] THE FORRESTER WAVE: ENDPOINT SECURITY SUITES, Q3 2019](https://www.crowdstrike.com/wp-content/uploads/2019/10/Forrester-Logo.png){kind=logo}
Visit our third-party evaluations page to see how CrowdStrike performed against the industry’s most rigorous tests and trials.