CrowdStrike Holdings Inc. today introduced new features for its Falcon cybersecurity platform aimed at helping enterprises more effectively defend their public cloud environments from hackers. 

CrowdStrike is a publicly traded cybersecurity company listed on the Nasdaq. The company’s flagship Falcon platform is used by more than 16,300 organizations to protect their information technology infrastructure. CrowdStrike’s revenue jumped 63%, to $431 million, last quarter thanks to strong demand for its software.

The Falcon platform comprises several different modules each focused on a different set of cybersecurity tasks. Today’s update focuses on two modules: Falcon CWP and Falcon Horizon.

Falcon CWP allows companies to install a program called an agent on their IT systems that, similarly to an antivirus, detects threats and automatically blocks them. Falcon Horizon also detects threats, but it doesn’t require installing an agent on the systems being protected. This latter approach is preferable in some situations, such as when a device is configured in a way that makes it impractical to install an additional piece of software. 

The agent-based approach used by Falcon CWP “enables pre-runtime and runtime protection, compared to the agentless-only solutions that only offer partial visibility and lack remediation capabilities,” explained Amol Kulkarni, chief product and engineering officer at CrowdStrike. “An approach that combines agentless scanning with agent-driven protection can ensure security and DevOps teams are able to deploy the type of protection needed regardless of their environment.”

Falcon Horizon, the module that detects threats without using agents, is receiving new features for securing public cloud environments.

In Amazon Web Services Inc. environments, Falcon Horizon can now not only detect potential breaches but also recommend ways to remediate them. Recommendations are generated with the help of a CrowdStrike offering called Falcon Fusion that debuted last year. According to CrowdStrike, its automatic remediation suggestions reduce the time it takes to fix cybersecurity issues, which helps companies limit the impact of data breaches.

For organizations using Microsoft Corp.’s Azure cloud platform, today’s Falcon Horizon update introduces new user security features.

Many companies use a Microsoft product called Active Directory to limit which employees can access what components of their  cloud environments. If an employee’s account has access to more components than is strictly necessary and the account is breached, hackers can potentially steal valuable data. Falcon Horizon adds a feature that can identify opportunities to reduce unnecessary cloud access permissions, which helps limit the risk posed by cyberattacks.

CrowdStrike is also rolling out new features for Google Cloud. According to the company, Falcon Horizon now enables customers to more easily spot misconfigured settings in their Google Cloud deployments that may increase the risk of a data breach. 

Falcon Horizon and Falcon CWP, the other module of CrowdStrike’s cybersecurity platform that has received updates, are being integrated with a new centralized monitoring dashboard. The dashboard allows IT teams to centrally track security issues detected by Falcon Horizon and Falcon CWP.

Falcon CWP is separately being upgraded with features for detecting cybersecurity issues in software containers.

The update adds machine learning features that can detect if a container may have been breached by hackers. Additionally, Falcon CWP detects configuration issues that may lead to a breach in the future. 

The software can determine whether a container is set up in a way that may enable hackers to overwrite its contents with malware. Similarly, Falcon CWP finds misconfigured containers with the ability to modify the cloud infrastructure on which they run. Removing such containers makes it more difficult for hackers to access a company’s cloud infrastructure and modify important settings.

Photo: Unsplash