Container and Kubernetes Security

CrowdStrike is recognized by Frost & Sullivan as a leader in the 2022 Frost Radar™️: Cloud-Native Application Protection Platform, 2022 report. CrowdStrike was also named a Winner in the 2022 CRN Tech Innovator Awards for the Best Cloud Security category. Both accolades underscore CrowdStrike's growth and innovation in the CNAPP market. Learn more.

Vulnerability scanning and management

• Improve decision making: Gather insights and details about your container — images, registries, libraries and containers spun from those images.
• Uncover hidden threats: Find hidden malware, embedded secrets, configuration issues and more in your images to help reduce the attack surface.
• Gain visibility into container environments: Get full visibility into running containers to uncover details surrounding file access, network communications and process activity.
• Identify vulnerabilities faster: Save valuable time with pre-built image scanning policies enabling you to quickly catch vulnerabilities, misconfigurations and more.
• Eliminate threats prior to production: Block exploitable vulnerabilities before runtime, eliminating headaches for security teams.
• Continuously monitor: Identify new -detections at runtime, and alert and take action without having to rescan images.

Runtime protection

• Secure hosts and containers: CrowdStrike Falcon® runtime protection defends containers and Kubernetes against active attacks.
• Gain broad container support: Falcon supports containers running on Linux and is deployable across Kubernetes environments such as EKS. It also supports container as a service (CaaS) such as Fargate, providing the same level of protection. Technology previews are available for AKS, GKE and Red Hat OpenShift.
• Leverage market-leading protection technologies: Machine learning (ML), artificial intelligence (AI), IOAs and custom hash blocking automatically defend against malware and sophisticated threats targeting containers.
• ML and AI: Falcon leverages ML and AI to detect known and unknown malware within containers without requiring scanning or signatures.
• IOAs: Falcon uses IOAs to identify threats based on behavior. Understanding the sequences of behavior allows Falcon to stop attacks that go beyond malware, including fileless attacks.
• Stop malicious behavior: Behavioral profiling enables you to block activities that violate policy, with zero impact to legitimate container operation.
• Detect rogue containers: Maintain an up-to-date inventory as containers are deployed and decommissioned, detect and scan rogue images, and identify and stop containers launched as privileged or writable.
• Container drift prevention: Enforce container immutability by detecting new binaries created and executed inside containers.
• Investigate container incidents faster: Easily investigate incidents when detections are associated with the specific container and not bundled with the host events.
• See everything: Capture container start, stop, image and runtime information, and all events generated inside the container, even if it only runs for a few seconds.
• Deploy seamlessly with Kubernetes: Deploy easily at scale by including it as part of a Kubernetes cluster.
• Improve container orchestration: Capture Kubernetes namespace, pod metadata, process, file and network events.

Simplicity and performance

• Simplify DevSecOps adoption: Reduce the overhead, friction and complexity associated with protecting cloud workloads, containers, and serverless environments.
• Single-pane of glass: One console provides central visibility over cloud security posture, workloads and containers regardless of their location.
• Complete policy flexibility: Apply at individual workload, container, group or higher level and unify policies across both on-premises and multi-cloud deployments.
• Scale at will: No rearchitecting or additional infrastructure required.
• Gain broad platform support: The Falcon platform supports Open Container Initiative (OCI)-based containers such as Docker and Kubernetes and also self-managed and hosted orchestration platforms such as GKE (Google Kubernetes Engine), EKS (Amazon Elastic Kubernetes Service), ECS (Amazon Elastic Container Service), AKS (Azure Kubernetes Service), and OpenShift.

Cloud workload protection

Click the links below to visit our Cloud-AWS Github pages

• AWS Control Tower
• AWS Systems Mgr
• AWS sensor bootstrapping
• Azure extensions(Sensor boot strapping)
• AWS Security Hub: Falcon Integration Gateway
• AWS Network FW Service
• Container Security (EKS, GKE, Fargate)