Press Release | Media on CrowdStrike

CrowdStrike Integrates Intelligence Feeds and Automation Capabilities to Enhance Newly Introduced AWS Network Firewall

New integration streamlines incident response, providing a continuous line of defense from the network to the workload against threat actors regardless of the attack vector

SUNNYVALE, Calif.  – November 18, 2020 – CrowdStrike Holdings, Inc. (Nasdaq: CRWD), a leader in cloud-delivered endpoint and workload protection, today announced it is a Launch Partner for AWS Network Firewall, a managed service that makes it easy to deploy essential network protections for all of a customer’s Amazon Virtual Private Clouds (Amazon VPCs). This integration enables customers to leverage the CrowdStrike Falcon® platform capabilities by extending threat intelligence and deployment automation for streamlined incident response and simplified operations. This development further deepens the technical collaboration between Amazon Web Services (AWS) and CrowdStrike, a pioneer of the security cloud, to offer customers enhanced solutions that protect workloads from the network to the endpoint.

An increasingly complex threat environment coupled with the widespread digital transformation that organizations have undergone has made it necessary to institute multi-layered risk-mitigation strategies to secure cloud workloads and endpoints. This latest integration from CrowdStrike for AWS allows organizations to implement a modern enterprise security approach where network-layer protection works in conjunction with cloud workload protection controls to defend against sophisticated threat activity. This allows customers to build a seamless line of defense across cloud workloads hosted in Amazon VPCs across multiple AWS accounts.

“Through our growing collaboration with AWS, CrowdStrike continues to meet the needs of today’s cloud-first businesses by providing critical security capabilities that leverage intelligence feeds, threat hunting, policy controls and streamlined incident management – all critical components of a robust cyber defense strategy,” said Michael Sentonas, CrowdStrike’s chief technology officer. “By integrating with AWS Network Firewall, we are enabling organizations to implement a holistic enterprise security strategy that provides comprehensive visibility, automation of policy and operations and shortened time to detection, from the network to the workload.”

“Organizations must deploy a multilayered security strategy in order to fortify their security posture against advanced threats from the multiple attack vectors that target their corporate networks,” said Andrew Thomas, General Manager, Perimeter Protection, Amazon Web Services, Inc. “The integration of CrowdStrike Falcon intelligence feeds and automation capabilities for AWS Network Firewall advances protections for our joint customers across their AWS footprint, by providing a continuous line of defense from the network to the workload.”

The CrowdStrike Falcon integration with AWS Network Firewall offers customers the ability to export domain-based indicators of compromise (IoCs) identified through threat intelligence feeds from the CrowdStrike Falcon platform to block nefarious network activity related to malicious domains and domain-based exploitation techniques. As a result, customers can accelerate their incident response with dynamic policy creation that quickly blocks access to known compromised domains across their AWS footprint. The integration also enables users to proactively hunt for suspicious activity based on specific criteria, such as industry, threat actor or tactics, techniques and procedures (TTPs), across their Falcon managed hosts and AWS networks.

Capabilities for AWS Network Firewall:

  • Dynamic Policy Creation: Leverage threat detections from the CrowdStrike Falcon platform to construct policies that secure AWS network traffic against known domain-based threats, based on industry vertical, a specific threat actor or exploitation techniques.
  • Streamlined Incident Response: Create domain filtering policies based on alerts from Falcon managed hosts to secure an organization’s entire AWS footprint.
  • Proactive Threat Hunting: Proactively hunt for threat activity across Falcon managed and unmanaged workloads in AWS accounts by creating firewall policies.

Amazon Linux 2 Ready designation

CrowdStrike, an AWS Advanced Technology Partner, has also achieved the Amazon Linux 2 Ready designation, part of the AWS Service Ready Program. This designation recognizes that the CrowdStrike Falcon platform has been validated to run on and support Amazon Linux 2.  Shared customers can seamlessly deploy Falcon sensor and secure AWS workloads running on Linux 2 with Falcon Cloud Workload Protection product suite.

In addition to the integration for AWS Network Firewall, and the Amazon Linux 2 Ready designation, CrowdStrike recently announced expanded support for AWS Workloads and Container Deployments, including compute services AWS Graviton, Amazon Workspaces, Bottlerocket, and cloud services AWS PrivateLink and AWS Control Tower. CrowdStrike also introduced Falcon Horizon and Falcon for AWS, which provides cloud security posture management and cloud workload protection, an integration with Amazon GuardDuty, which protects against vulnerabilities, malicious activity, and unauthorized behavior, and participated in the launch of AWS Security Hub. CrowdStrike has also achieved AWS Security Competency status and is available in the AWS Marketplace.

To read more about CrowdStrike’s latest integrations for AWS, visit this blog.

For more information, see the AWS Network Firewall page.

Forward-Looking Statements

This press release contains forward-looking statements that involve risks and uncertainties, including statements regarding the benefits of CrowdStrike’s collaboration and integration with AWS for organizations. There are a significant number of factors that could cause actual results to differ materially from statements made in this press release.

You should not rely on these forward-looking statements, as actual outcomes and results may differ materially from those contemplated by these forward-looking statements as a result of such risks and uncertainties. All forward-looking statements in this press release are based on information available to us as of the date hereof, and we do not assume any obligation to update the forward-looking statements provided to reflect events that occur or circumstances that exist after the date on which they were made.

About CrowdStrike

CrowdStrike Holdings, Inc. (Nasdaq: CRWD), a global cybersecurity leader, is redefining security for the cloud era with an endpoint and workload protection platform built from the ground up to stop breaches. The CrowdStrike Falcon® platform’s single lightweight-agent architecture leverages cloud-scale artificial intelligence (AI) and offers real-time protection and visibility across the enterprise, preventing attacks on endpoints and workloads on or off the network. Powered by the proprietary CrowdStrike Threat Graph®, CrowdStrike Falcon correlates 4 trillion endpoint-related events per week in real time from across the globe, fueling one of the world’s most advanced data platforms for security.

With CrowdStrike, customers benefit from better protection, better performance and immediate time-to-value delivered by the cloud-native Falcon platform.

There’s only one thing to remember about CrowdStrike: We stop breaches.

Qualifying organizations can gain full access to Falcon Prevent™ by starting a free trial.

Learn more: https://www.crowdstrike.com/

Follow us: Blog | Twitter

© 2020 CrowdStrike, Inc. All rights reserved. CrowdStrike, the falcon logo, CrowdStrike Falcon and CrowdStrike Threat Graph are marks owned by CrowdStrike, Inc. and registered with the United States Patent and Trademark Office, and in other countries. CrowdStrike owns other trademarks and service marks, and may use the brands of third parties to identify their products and services.

Contacts

CrowdStrike, Inc.

Ilina Cashiola, 202-340-0517

Ilina.cashiola@crowdstrike.com