AWS Workload Protection: Falcon for AWS

BREACH PROTECTION FOR AWS WORKLOADS

visibility icon
VISIBILITY

Continuous and comprehensive workload monitoring, including container visibility, ensuring nothing is missed and stealthy attacks can be stopped.

red shield
PROTECTION

Protect against breaches with unparalleled coverage. Defend against threats from malware to the most sophisticated attacks.

simplicity icon
SIMPLICITY

Built in the cloud for the cloud. Reduces the overhead, friction and complexity associated with protecting cloud workloads.

flow chart
AUTOMATION

Enable cloud security to keep up with the dynamic and flexible nature of AWS workloads.

VIDEO: Falcon For AWS

Watch

Built in the Cloud to Protect the Cloud

UNRIVALLED VISIBILITY

  • Full EDR prevents silent failure by capturing raw events for complete visibility
  • Visibility into incidents involving containers with process trees showing container IDs
  • Full attack visibility provides details, context and history for every alert
  • Event details and a full set of enriched data is continuously available, even for ephemeral and decommissioned workloads
  • Rogue instance detection
  • Extensive AWS visibility: Environment, accounts and instances

SIMPLICITY AND PERFORMANCE

  • Works everywhere: EC2 instances, ECS & EKS containers, Windows, Linux, Amazon Linux
  • One console provides central visibility over cloud workloads regardless of location
  • No reboots — No signatures — No scan storms — No disruption
  • Lightweight — Operates with only a tiny footprint on the host and Zero impact on runtime performance even when analyzing, searching and investigating
  • Automatically kept up to date with SaaS delivery
  • Complete policy flexibility — apply at individual server, group or data center level

EC2 AND CONTAINER PROTECTION

  • Machine Learning and AI protects against known and zero-day malware
  • Protection against prevalent cloud workload threats like web shells, SQL shells and credential theft
  • Behavior-based indicators of attack (IOAs) detect sophisticated attacks such as fileless and malware-free
  • Exploit protection and blocking
  • Delivers container security through a single agent running on the node that protects the instance itself as well as all containers running on it

SEAMLESS AUTOMATION

  • Automatic detection of attacker behavior with prioritized alerts and severity eliminates time-consuming manual searches and assessments
  • Integration with CI/CD deployment workflows
  • Powerful APIs enable automation of all functional areas including detection, management, response and intelligence
  • Scales as cloud workloads expand — no need for additional infrastructure
  • Integrates to AWS Security Hub for centralized management of threat alerts from AWS services

LEARN MORE ABOUT FALCON FOR AWS

Tech Center: How Falcon for AWS Protects Cloud Workloads
Read
Solution Brief: Container Security
Download

Related Resources

CrowdStrike Integration with AWS Security Hub
Watch
Endpoint Detection and Response