Cloud & Application Security

CrowdStrike is excited to bring new capabilities to platform engineering and operations teams that manage hybrid cloud infrastructure, including on Red Hat Enterprise Linux and Red Hat OpenShift. Most[…]

The massive increase in cloud adoption has driven adversaries to focus their efforts on cloud environments — a shift that led to cloud intrusions increasing by 75% in 2023, emphasizing the need for st[…]

Organizations are increasingly turning to cloud computing for IT agility, resilience and scalability. Amazon Web Services (AWS) stands at the forefront of this digital transformation, offering a robus[…]

As Porter Airlines scaled its business, it needed a unified cybersecurity platform to eliminate the challenges of juggling multiple cloud, identity and endpoint security products. Porter consolidated […]

The increase in cloud adoption has been met with a corresponding rise in cybersecurity threats. Cloud intrusions escalated by a staggering 75% in 2023, with cloud-conscious cases increasing by 110%. A[…]

Cloud computing has become the backbone for modern businesses due to its scalability, flexibility and cost-efficiency. As organizations choose cloud service providers to power their technological tran[…]

In the ever-evolving landscape of cloud security, staying ahead of the curve is paramount. Today, we are announcing an exciting enhancement: CrowdStrike Falcon® Cloud Security now supports Google Kube[…]

As organizations shift their applications and operations to the cloud and increasingly drive revenues through software, cloud-native applications and APIs have emerged among the greatest areas of mode[…]

As organizations move more of their business-critical applications to the cloud, adversaries are shifting their tactics accordingly. And within the cloud, it’s clear that cybercriminals are setting th[…]

Azure cross-tenant synchronization (CTS) was made generally available on May 30, 2023, and introduced a new attack surface on Microsoft Entra ID (formerly Azure Active Directory) where attackers can m[…]

Cybercriminals work around the clock to discover new tactics to breach systems. Each time a digital ecosystem changes, it can introduce a weakness for a threat actor to quickly discover and exploit. A[…]

Today, we’re proud to announce that Forrester has named CrowdStrike a Leader in The Forrester Wave™: Cloud Workload Security, Q1 2024, stating “CrowdStrike shines in agentless CWP and container runtim[…]

Cloud infrastructure is subject to a wide variety of international, federal, state and local security regulations. Organizations must comply with these regulations or face the consequences. Due to the[…]

Software development practices are rapidly changing, and so are the methods adversaries use to target custom applications. The rise of loosely coupled applications, along with an impressive increase i[…]

According to the CrowdStrike 2023 Global Threat Report, there was a 95% increase in cloud exploits in 2022, with a three-fold increase in cases involving cloud-conscious threat actors. The cloud is ra[…]

Today’s security practitioners face a daunting challenge: Staying ahead of sophisticated adversaries who have turned their attention to the expansive terrain of cloud environments. CrowdStrike observe[…]

CrowdStrike is honored to be named Partner of the Year for several 2023 Geo and Global AWS Partner Awards at Amazon Web Services re:Invent 2023, where we are participating this year as a Diamond Spons[…]

Modern applications are designed to process, use and store vast amounts of sensitive data. As adversaries seek to infiltrate these applications, IT and security teams must ensure the software they use[…]

CoreWeave is a specialized GPU cloud provider powering the AI revolution. It delivers the fastest and most consistent solutions for use cases that depend on GPU-accelerated workloads, including VFX, p[…]

CrowdStrike’s Incident Response team has seen a recent increase in cases involving adversaries that abuse identity provider federation to gain access to protected services by adding and authorizing ro[…]

As organizations increasingly deploy business-critical workloads to managed cloud services, enforcing strong security practices needs to be a top priority. While many managed cloud service providers d[…]

Two new privilege escalation CVEs, CVE-2023-2640 and CVE-2023-32629, have been discovered in the Ubuntu kernel OverlayFS module. The CVEs affect not only any Ubuntu hosts running with vulnerable kerne[…]

The cloud has become the new battleground for adversary activity: CrowdStrike observed a 95% increase in cloud exploitation from 2021 to 2022 and a 288% jump in cases involving threat actors directly […]

In our first-ever Cloud Threat Summit, CrowdStrike’s Senior Vice President of Intelligence and Senior Director of Consulting Services discussed the most common ways adversaries breach the cloud and th[…]

CrowdStrike is defining the future of cloud security by empowering customers to rapidly understand their cloud risk and to detect, prevent and remediate cloud-focused threats. Today we are announcing […]

CrowdStrike is defining the future of cloud-native application protection platforms (CNAPP) with CrowdStrike Falcon® Cloud Security. As the industry’s most comprehensive agent-based and agentless clou[…]

Digital transformation isn’t only for the good guys. Adversaries are undergoing their own digital transformation to exploit modern IT infrastructures — a trend we’re seeing play out in real time as th[…]

Public cloud services and cloud assets are agile and dynamic environments. Close oversight of these assets is a critical component of your asset management and security practices. While it’s important[…]

At AWS re:Invent 2022, CrowdStrike announced expanded service integrations with AWS to provide breach protection across your AWS environment, simplified infrastructure management and security consolid[…]

PostgreSQL misconfiguration allows running shell commands on the underlying OS with the “COPY” SQL command and “pg_execute_server_program” role Kubernetes ingress can allow access to the PostgreSQL se[…]

CrowdStrike is excited to announce it has been recognized by Frost & Sullivan as a global leader in the inaugural 2022 Frost Radar™: Cloud-Native Application Protection Platform, 2022 analysis. We hav[…]

Enterprises are embracing cloud-native applications in the name of business agility. These applications enable developers to take advantage of the cloud’s scalability and flexibility, allow customers […]

Join us in Las Vegas Nov. 28-Dec. 2! CrowdStrike is a Diamond Sponsor at AWS re:Invent, and we’re looking forward to meeting with customers, partners and prospects to show how we’re protecting AWS env[…]

Cloud storage misconfigurations continue to become more prevalent and problematic for organizations as they expand their cloud infrastructure, driving the importance of technologies such as cloud secu[…]

CrowdStrike has uncovered a new cryptojacking campaign targeting vulnerable Docker and Kubernetes infrastructure using an obscure domain from the payload, container escape attempt and anonymized “dog”[…]

KubeCon + CloudNativeCon North America 2022 is happening next week, and we’re excited to showcase our industry leading cloud-native application protection platform (CNAPP) capabilities and observabili[…]

As organizations continue to shift to multi-cloud environments and increasingly use cloud services for application development, new challenges emerge that require dramatic changes in the delivery and […]

Fourteen key cloud analytics for Azure and GCP cloud environments were identified and mapped as indicative of adversary behavior and serve as a blueprint for understanding and writing new cloud analyt[…]

As organizations expand their cloud-native initiatives and increase their use of containers and Kubernetes in production, they face challenges regarding container security, monitoring, data management[…]

What Is DirtyCred? DirtyCred is a new Linux kernel exploitation technique that allows kernel Use After Free (UAF) or Double free vulnerabilities to swap a credential or file structure on the kernel he[…]

Application developers have always had a tricky balance to maintain between speed and security, two requirements that may often feel at odds with each other. Practices that increase speed also pressur[…]

Cloud-based services are augmenting business operations and being adopted at a record pace. In fact, Gartner® estimates “more than 85% of organizations will embrace a cloud-first principle by 2025 and[…]

For two days in July, Boston will be the epicenter of innovation in the world of cloud security — and we’re excited to see you there in person! As a proud sponsor of AWS re:Inforce 2022 (July 26-27), […]

The CrowdStrike eBook, “Protectors of the Cloud: Combating the Rise in Threats to Cloud Environments," reveals how adversaries target and infiltrate cloud environments and recommends best practices fo[…]

The software supply chain remains a weak link for an attacker to exploit and gain access to an organization. According to a report in 2021, supply chain attacks increased by 650%, and some of the atta[…]

As organizations increasingly move to hybrid cloud environments to increase agility, scale and competitive advantage, adversaries are correspondingly looking to exploit these environments. According t[…]

CVE-2022-23648, reported by Google’s Project Zero in November 2021, is a Kubernetes runtime vulnerability found in Containerd, a popular Kubernetes runtime. It lies in Containerd’s CRI plugin that han[…]

CrowdStrike Falcon® delivers comprehensive cloud security, combining agent-based and agentless protection in a single, unified platform experience Integrated threat intelligence delivers a powerful, a[…]

LemonDuck, a well-known cryptomining botnet, is targeting Docker to mine cryptocurrency on Linux systems. This campaign is currently active. It runs an anonymous mining operation by the use of proxy p[…]

Mistakes are easy to make, but in the world of cloud computing, they aren’t always easy to find and remediate without help. Cloud misconfigurations are frequently cited as the most common causes of br[…]

In today’s fast-paced world, mobility, connectivity and data access are essential. As organizations grow and add more workloads, containers, distributed endpoints and different security solutions to p[…]

“In its current CWS offering, the vendor has great CSPM capabilities for Azure, including detecting overprivileged admins and enforcing storage least privilege and encryption, virtual machine, and net[…]

CrowdStrike cloud security researchers discovered a new vulnerability (dubbed “cr8escape” and tracked as CVE-2022-0811) in the Kubernetes container engine CRI-O. CrowdStrike disclosed the vulnerabilit[…]

Migrating to the cloud has allowed many organizations to reduce costs, innovate faster and deliver business results more effectively. However, as businesses expand their cloud investments, they must a[…]

Protecting cloud workloads from zero-day vulnerabilities like Log4Shell is a challenge that every organization faces. When a cloud vulnerability is published, organizations can try to identify impacte[…]

On Jan. 18, 2022, researchers found a heap base buffer overflow flaw (CVE-2022-0185) in the Linux kernel (5.1-rc1+) function “legacy_parse_param” of filesystem context functionality, which allows an o[…]

Cryptocurrency mining has become very popular among malicious actors that aim to profit by exploiting cloud attack surfaces. Exposed Docker APIs have become a common target for cryptominers to mine va[…]

It should come as little surprise that when enterprise and IT leaders turned their attention to the cloud, so did attackers. Unfortunately, the security capabilities of enterprises have not always kep[…]

Digital transformation has pushed organizations to adopt a hybrid IT approach and has created a mix of on-premises and cloud infrastructure that has to be supported and protected. Unfortunately, while[…]

Security budgets are not infinite. Every dollar spent must produce a return on investment (ROI) in the form of better detection or prevention. Getting the highest ROI for security purchases is a key c[…]

We’re ready to meet you in person in Las Vegas! CrowdStrike is a proud Gold sponsor of AWS re:Invent 2021, being held Nov. 29 through Dec. 3. Stop by Booth #152 at the Venetian for a chance to obtain […]

Developing applications quickly has always been the goal of development teams. Traditionally, that often puts them at odds with the need for testing. Developers might code up to the last minute, leavi[…]

With virtualization in the data center and further adoption of cloud infrastructure, it’s no wonder why IT, DevOps and security teams grapple with new and evolving security challenges. An increase in […]

The need for speed and agility in today’s digital business requires changes to IT infrastructure, most notably the shift to cloud-native architectures and the adoption of DevOps best practices to impr[…]

Organizations continue to be targeted by sophisticated threats that lead to potential breaches. Customers need the proper people, process, intelligence and technology to be able to reduce risk and sto[…]

By integrating Amazon EventBridge with CrowdStrike Falcon® Horizon™ cloud security posture management, CrowdStrike has developed a cloud-based solution that allows you to detect threats in real time. […]

Drawing benefits from CrowdStrike’s network effect requires handling large amounts of data — volumes and volumes of it. In fact, CrowdStrike stores more than 15 petabytes of data in the cloud that it […]

There’s a popular saying that it takes a village to raise a child. The cybersecurity version of this idiom is that it requires a community to protect the cloud. At CrowdStrike, this means using the Cr[…]

Organizations adopting cloud-native applications face an increasingly diverse and sophisticated threat landscape, in addition to proliferating devices and expanding remote workforces. Meeting these ch[…]

Containers provide a wide range of benefits to both developers and system administrators — increased agility, flexibility and scalability among them. With the increase in adoption, containers have als[…]

More than ever, organizations are grappling with how to secure cloud-native applications. Protecting these applications — a combination of containers, virtual machines, APIs and serverless functions —[…]

Compromises of cloud accounts have been a hot topic in the security industry lately, but the common themes we are seeing, such as compute-resource cryptomining and storage bucket data theft, are not t[…]

Between the growth of cloud-native applications and the demands of faster application delivery, the use of containers is widely predicted to continue to increase. In fact, a recent study conducted by […]

In the era before cloud computing, enterprises could expect to be responsible for securing everything — the systems in the data center, their applications, everything. Today, cloud service providers a[…]

Slow down a development team with security, and expect to be greeted with a wave of frustration. Between a lack of integration of security tools and confusion about shared responsibility, security tea[…]

The need for speed and agility in today’s digital business requires changes to IT infrastructure, most notably the shift to cloud-native architectures and the adoption of DevOps. This shift has led ma[…]

There are a lot of complexities when managing identity in Microsoft Azure, primarily in gaining end-to-end visibility of what a user can do and what properties are applied to them to handle their acce[…]

Many industry analysts project that infrastructure as a service (IaaS) will continue to grow as companies seek ways to slash costs and increase business resilience and agility. While it carries the pr[…]

CrowdStrike is proud to be a Gold Sponsor of AWS re:Invent 2020, the world’s largest and most comprehensive cloud computing and cloud learning event, happening now — November 30 to December 18, 2020. […]

One of the biggest challenges of the cloud today is properly configuring resources to prevent breaches. Various breaches have proven this, such as the LA Times breach in 2018, where an S3 bucket was m[…]

Visibility in the cloud is an important but difficult problem to tackle. It differs among cloud providers, and each one has its own positives and negatives. This blog reviews some of the logging and v[…]

Built in the cloud and for the cloud, cloud-native applications are driving digital transformation and creating new opportunities to increase efficiency. Taking a cloud-native approach brings both spe[…]

The adoption of the cloud has fundamentally changed the game when it comes to how businesses go to market and develop modern applications. Today’s application lifecycle places a premium on speed to ma[…]

CrowdStrike® is thrilled to be attending AWS re:Invent 2019 this week as an AWS Partner Network (APN) sponsor. Amazon Web Services’ annual conference in Las Vegas draws cloud computing professionals f[…]

CrowdStrike® is thrilled to introduce Falcon Discover™ for AWS, a new solution that delivers our next-generation IT cloud hygiene features across AWS workloads, ensuring advanced visibility into AWS E[…]