CrowdStrike, AWS Team Up To Provide Protection Against Ransomware Attacks 

CrowdStrike., a leader in cloud-delivered endpoint and workload protection, announced new features to the CrowdStrike Falcon platform that work with services from Amazon Web Services (AWS) that further protect customers from growing ransomware threats and increasingly complex cyber-attacks.

The new expanded features provide joint customers with comprehensive visibility, dynamic scale, automation, and flexibility to better prevent, detect and respond to threats in the cloud and across endpoints.

“Embattled security teams have turned to the cloud to protect their dynamic work environments from sophisticated cyber actors, implementing solutions that are scalable, automated and easily deployable. However, they must consider how their applications communicate with each other and devise an effective strategy to ensure connectivity between the cloud and the rest of their security stack,” said Amol Kulkarni, chief product officer at CrowdStrike.

“The CrowdStrike Falcon platform unifies cloud security posture management together with breach protection for cloud workloads and containers on AWS and hybrid cloud environments in a single platform, providing end-to-end visibility and protection that optimises cloud resources and ensures applications are defended against advanced threats.”

Also Read: Data Observability Accelerates Modern Data Stack Adoption

The new expanded features include:

  • Ransomware protection and recovery: The cloud-native CrowdStrike Falcon platform now works with CloudEndure Disaster Recovery to provide AWS customers protection and recovery from ransomware incidents and minimise impact to productivity. CrowdStrike Cloud Security Assessment delivers actionable insights into security misconfigurations and deviations from recommended cloud security architectures to help clients prevent, detect and recover from breaches. In contrast, CloudEndure allows customers to restore their applications within minutes, minimising business disruption.
  • Identity-based threat detection and remediation: CrowdStrike IAM Analyser for AWS is a feature in CrowdStrike Falcon Horizon and prevents identity-based threats by knowing what accounts are doing before a breach happens. It follows the principle of least privilege by assessing CrowdStrike IAM services, apps, users, roles and permissions across all cloud accounts. CrowdStrike IAM Analyser for AWS allows security teams to monitor AWS accounts for excessive or unused permissions continuously, identify suspicious permission escalation, and audit AWS Cloud services for actions allowed per resource, user, group, and role. The solution prevents users from putting organisations at risk by automating the detection and remediation of identity-based risks.
  • Enhanced security and compliance for workload deployments: CrowdStrike now integrates directly with Distributor, a capability of AWS Systems Manager. Customers can quickly deploy Distributor packages with embedded CrowdStrike Falcon agent software or install the agent via the CrowdStrike Falcon APIs, with customisation to run across multiple operating systems simultaneously. This allows teams to manage all agent packages from a single interface with flexibility and choice of software installation, easing deployment and without reboot requirements. With simplified deployment, teams can ensure real-time workloads protection from malware and malware-free attacks from day one, with a minimal performance impact.

CrowdStrike was also recently highlighted as an AWS Well-Architected Framework Management and Governance Lens Partner. The M&G Lens provides prescriptive guidance on key concepts and best practices for optimising management and governance across AWS environments.