CrowdStrike Falcon Cloud Security Extends Unified Protection to VMware Environments

Organizations are rapidly adopting cloud platforms to accelerate development, scale operations, and optimize efficiency. VMware’s robust cloud solutions, including VMware® Tanzu Platform and VMware vCenter, are among the critical tools that empower teams to build, deploy, and manage workloads with ease.

However, this evolution brings new security challenges. Virtual machines, container images, and other cloud assets can become attack vectors if not properly protected. Security teams must ensure every workload, whether in pre-runtime or runtime, is continuously monitored and secured against evolving threats.

To help customers meet these challenges, CrowdStrike Falcon® Cloud Security has expanded support to VMware software to simplify the security of applications and virtualized environments. These updates provide greater visibility into VMware vCenter managed environments via asset inventory capabilities and introduce protection for applications running on VMware Tanzu with the CrowdStrike Falcon tile in Tanzu Platform.

Gain Full Visibility into VMware vCenter with Asset Inventory

CrowdStrike’s new asset inventory collector for VMware vCenter enables organizations to see all virtual machines (VMs) within their VMware vCenter managed environment and identify unprotected assets. The asset inventory collector automatically scans vCenter managed environments and updates Falcon Cloud Security with the newest information. It detects unmanaged VMs and delivers detailed asset insights, including VM state, VMware Tools status, and asset history — all within the Falcon Cloud Security console.

Deployment is streamlined and requires minimal setup, reducing operational complexity. Teams can efficiently monitor all VMs and ensure asset data remains accurate and updated to maintain a strong security posture. They can also identify security gaps and validate the proper deployment of Falcon sensors. This broad visibility enables security teams to detect and address unmanaged assets, which may pose security risks if left unprotected. With this unified view of all assets, security and IT teams can seamlessly monitor and manage their VMware environments in one place to gain comprehensive protection against breaches.

Protect Applications on Tanzu Platform with the CrowdStrike Falcon Tile

Users of Tanzu Platform can now implement CrowdStrike Falcon security capabilities with just a few clicks using the CrowdStrike Falcon tile. Deployed through Tanzu Platform Ops Manager, the Falcon tile automates sensor deployment to workloads running on Ubuntu or Windows stemcells, including user-developed applications and off-the-shelf software like databases and message queues. 

Under the hood of Tanzu Platform, the Falcon tile is a Cloud Foundry BOSH release that installs the Falcon sensor across all virtual machines in a deployment. When applied, BOSH ensures the sensor is installed during the pre-start phase, providing continuous protection for current and future workloads.

These capabilities were jointly developed and tested with VMware Tanzu to ensure seamless integration and reliability. By using an officially validated tile rather than building custom integrations, security teams gain confidence in supportability. The integration has been tested with Tanzu Platform versions 4.0, 6.0, and 10 (formerly called VMware Tanzu Application Service), and it is already in use by multiple organizations.

Tanzu Platform’s automated application delivery strengthens an organization’s defenses by helping enterprises stay ahead of adversaries. By rotating credentials frequently, it helps developers mitigate the risk of stolen secrets. Regularly repaving applications from a known good state eliminates persistence, while rapidly repairing vulnerabilities ensures security patches are applied as soon as they become available. Tanzu’s ability to refresh applications within hours disrupts adversaries that rely on long-term access. And, with the fastest recorded adversary breakout time at just under one minute in 2024, CrowdStrike’s cloud runtime protection provides an additional layer of defense, allowing Tanzu Platform operators to safeguard applications against even the fastest threats.

CrowdStrike + Broadcom: A Unified Approach to Cloud Security

With these integrations, CrowdStrike and Broadcom are delivering seamless, automated protection across VMware-based virtualized and cloud environments. Whether adding more layers of security for applications deployed to Tanzu Platform or gaining full visibility into vCenter assets, organizations can confidently manage and protect their critical VMware workloads.

Additional Resources

• Learn how CrowdStrike easily ingests VMware ESXi data into the CrowdStrike Falcon platform for enhanced cloud security.
• Schedule a free demo to experience Falcon Cloud Security in action for yourself.