Falcon for AWS
The CrowdStrike Falcon platform delivers end-to-end protection from the host to the cloud and everywhere in between, for workloads and containers on AWS.
Benefits
Complete Breach Protection For AWS Workloads
COMPLETE VISIBILITY OF ALL AWS CLOUD RESOURCES
Continuous and comprehensive workload monitoring, and container visibility, ensuring nothing is missed and stealthy attacks can be stopped.
PROTECTION FOR AWS WORKLOADS, HOSTS, AND CONTAINERS
Protect against breaches with unparalleled coverage. Defend against threats from malware to the most sophisticated attacks.
AUTOMATE FREELY AND ELIMINATE COMPLEXITY AND FRICTION
Built in the cloud for the cloud. Falcon for AWS reduces the overhead, friction and complexity associated with protecting cloud workloads and enables cloud security to keep up with the dynamic and flexible nature of AWS environments.
Features
How Falcon Protects AWS Workloads
UNRIVALLED VISIBILITY
- Full EDR prevents silent failure by capturing raw events for complete visibility.
- You gain visibility into incidents involving containers, with process trees showing container IDs.
- Full attack visibility provides details, context and history for every alert.
- Event details and a full set of enriched data are continuously available, even for ephemeral and decommissioned workloads.
- Rogue instance detection is enabled.
- Extensive AWS visibility includes environment, accounts and instances.
Amazon EC2 AND CONTAINER PROTECTION
- Combines the best and latest technologies to protect against active attacks and threats when AWS workloads are the most vulnerable — at runtime.
- Machine learning and AI protect against known and zero-day malware.
- Protects against prevalent cloud workload threats like web shells, SQL shells and credential theft.
- Behavior-based indicators of attack (IOAs) detect sophisticated attacks, such as fileless and malware-free attacks.
- Offers integrated threat intelligence to block known malicious activities and delivers the complete context of an attack, including attribution.
- Exploit protection and blocking.
- Delivers container security through a single agent running on the node that protects the instance itself as well as all containers running on it.
- Provides 24/7 managed threat hunting to ensure that stealthy attacks don’t go undetected.
SEAMLESS AUTOMATION
- Automatic detection of attacker behavior with prioritized alerts and severity eliminates time-consuming manual searches and assessments.
- Integration with CI/CD deployment workflows.
- Powerful APIs enable automation of all functional areas including detection, management, response and intelligence.
- Scales as cloud workloads expand — no need for additional infrastructure.
- Integrates with AWS Security Hub for centralized management of threat alerts from AWS services.
THREAT GRAPH BREACH PREVENTION ENGINE
- Threat Graph predicts and prevents modern threats in real time through the industry’s most comprehensive sets of endpoint and workload telemetry, threat intelligence and AI-powered analytics.
- Threat Graph leverages enriched threat intelligence to deliver a visual representation of relationships across account roles, workloads and APIs to provide deeper context for faster, more effective response.
- Deep AI and behavioral analysis identify new and unusual threats in real time and take the appropriate action, saving valuable time for security teams.
- Threat Graph puts this body of knowledge at the responder’s fingertips in real time, empowering responders to understand threats immediately and act decisively.
- A targeted threat identification and management approach cuts through the noise of multi-cloud environment security alerts, reducing alert fatigue.
SIMPLICITY AND PERFORMANCE
- Works everywhere: Amazon EC2 instances, Amazon ECS & Amazon EKS containers, Windows, Linux, Amazon Linux.
- One console provides central visibility over cloud workloads regardless of location.
- No reboots - No signatures - No scan storms - No disruption.
- Lightweight - Operates with only a tiny footprint on the host and zero impact on runtime performance even when analyzing, searching and investigating.
- Automatically kept up to date with SaaS delivery.
- Complete policy flexibility - apply at individual server, group or data center level.
CROWDSTRIKE AND AWS: BETTER TOGETHER
The CrowdStrike Falcon platform works with services from Amazon Web Services (AWS) that further protect customers from growing threats and increasingly complex cyber attacks. The integrations provide joint customers with comprehensive visibility, dynamic scale, automation and flexibility to better prevent, detect and respond to threats in the cloud and across endpoints. CrowdStrike and AWS have the following free integrations for joint customers today:
Cloud Security Solutions
FALCON CLOUD WORKLOAD PROTECTION
Provides comprehensive breach protection across private, public, hybrid and multi-cloud environments, allowing customers to rapidly adopt and secure technology across any workload.
FALCON HORIZON
Provides multi-cloud visibility, continuous monitoring and threat detection, and ensures compliance, enabling DevOps to deploy applications with greater speed and efficiency – cloud security posture management made simple.
Container Security
Accelerates critical detection, investigation and threat hunting tasks performed on containers — even on ephemeral containers after they have been decommissioned — enabling security teams to secure containers at the speed of DevOps without adding friction.
Product Validation