Falcon for Red Hat

The CrowdStrike Falcon® platform provides comprehensive breach protection for Red Hat Enterprise Linux and Red Hat OpenShift nodes, workloads and containers, enabling organizations to build, run, and secure cloud-native applications with speed and confidence.


Why Choose CrowdStrike to Protect your Red Hat deployments


Comprehensive Breach Protection

Unified posture management and breach protection for cloud workloads and containers in a single platform designed for any cloud. Gain real-time visibility, detection, and response to prevent data breaches, enforce security policies and ensure compliance, reduce alert fatigue creating less work for security teams and optimize cloud deployments.


Unparalleled visibility

Gain visibility into your entire cloud and Red Hat infrastructure, continuously monitor for misconfigurations, ensure security policy and compliance enforcement, and proactively detect and prevent threats enabling DevSecOps teams to “shift left” and fix issues before they reach production saving valuable time and money.

Asset 51

Save operational time

Build and run applications knowing they are protected. Get access to automated discovery, runtime protection for cloud workloads and containers, and managed threat hunting on a lightweight agent enabling you to securely deploy applications in the cloud with greater speed and efficiency.

How Falcon Protects Red Hat OpenShift

Ensuring containers remain secure and compliant across Kubernetes clusters can cause already stretched DevOps and security teams
to get overwhelmed with operational and security challenges given the lack of visibility and increased complexity.
This lack of visibility and complexity adds to the risk of breach for organizations.

DevOps and security teams need solutions to address these challenges and management of multiple Kubernetes clusters
across any infrastructure and provide integrated tools for running containerized workloads seamlessly.

Red Hat Certifications and OpenShift Support

Today, CrowdStrike has several Red Hat Certifications and supports the following OpenShift implementations:

  • RedHat Certifications
    • Red Hat OpenShift Certification
    • Red Hat Ansible Automation Certification
  • RedHat OpenShift Support
    • Red Hat OpenShift Container Platform
    • Azure Red Hat OpenShift (ARO)
    • Red Hat OpenShift Service on AWS (ROSA)
    • OpenShift on IBM Cloud
    • OpenShift Dedicated 4

Comprehensive visibility into compute instances

  • Continuously monitors events to provide visibility into workload activities on Red Hat, including activities running inside containers; a full set of enriched data and event details enables investigations against ephemeral and decommissioned workloads
  • Offers proactive threat hunting across all compute instances and endpoints from the same console
  • Detects and investigates attacks that span multiple environments and different types of workloads, pivoting from endpoint to compute instances to containers
three people looking at a desktop screen, one man pointing at the screen

Container Security

Empower developers to protect containers, Kubernetes® and hosts from build to run, on any with CrowdStrike Container Security.

  • Container support
    includes Open Container Initiative (OCI)-based containers such as Docker, orchestration platforms such as self-managed Kubernetes and hosted orchestration platforms and OpenShift
  • Secures the host and container
    via a single Falcon agent running on the host, and runtime protection defends containers against active attacks
  • Investigate container incidents
    easily when detections are associated with the specific container and not bundled with the host events
  • Provides visibility
    into container footprint including on-premises and Red Hat deployments, so you can easily view container usage — including trends, uptime, images used and configuration — to identify risky and misconfigured containers

Runtime Protection

Combines the best and latest technologies to protect against active attacks and threats when workloads are the most vulnerable — at runtime.

  • Includes custom indicators
    of attack (IOAs), whitelisting and blacklisting to tailor detection and prevention
  • Offers integrated threat intelligence
    to block known malicious activities and delivers the complete context of an attack, including attribution
  • Provides 24/7 managed threat hunting
    to ensure that stealthy attacks don’t go undetected