CrowdStrike has updated its cloud protection and cybersecurity platform Cloud Detection and Response (CDR) to provide more functions and real-time protection capabilities in hybrid and multicloud environments.
Offered as part of Falcon Cloud Security’s unified CNAPP platform, the Cloud Detection and Response upgrade is based on three core innovations. The first is a real-time detection engine developed with streaming technology. This engine analyzes cloud logs as they arrive, applying instant detections to eliminate latency and false positives.
The solution now also has expanded cloud attack indicators. That is, it incorporates new out-of-the-box real-time detection capabilities designed specifically to detect attacker behavior in the cloud. These indicators use AI and machine learning to relate real-time activity to the context of assets and identities in the cloud. This exposes advanced attacks, from stealthy privilege escalations to CloudShell abuse.
Finally, CDR now also has automated response actions and workflows in the cloud. Traditional workload protection stays with the workload itself and therefore leaves the cloud control plane exposed. Cloud security posture management only shows what could go wrong if runtime protection is not provided.
New customizable workflows based on Falcon Fusion SOAR close this gap by triggering the instant a threat is detected, automatically disrupting attackers without waiting for manual SOC intervention.
Elia Zaitsev, CrowdStrike Technology Director, highlighted of this update that “Real-time security makes the difference between stopping a breach or needing incident response – every second counts. Today’s cybercriminals move quickly and across domains, and security managers cannot afford to wait for cloud logs to be processed or detection to emerge. CrowdStrike’s new CDR solution reduces response time to seconds, stopping cloud threats before they spread.”
