CrowdStrike® is thrilled to introduce Falcon Discover™ for AWS, a new solution that delivers our next-generation IT cloud hygiene features across AWS workloads, ensuring advanced visibility into AWS EC2 (Elastic Compute Cloud) services.
AWS (Amazon Web Services) has continued to be a leading cloud provider for organizations in every industry, yet many of the customers they serve lack the security resources and capabilities needed to manage both their enterprise assets as well as the dynamic AWS EC2 assets available to them. This security challenge has sent organizations looking for solutions that are easy to deploy, manage and integrate and ones that can help them take full advantage of their AWS resources. The CrowdStrike Falcon® next-gen platform, now with Discover for AWS, solves this challenge.
Organizations Continue to Move Workloads to The Cloud
In the Forrester report, “Predictions 2018: Cloud Computing Accelerates Enterprise Transformation Everywhere,” analysts forecast that by the end of this year, more than half of global enterprises will rely on at least one public cloud platform for digital transformation. This accelerated move to the cloud is understandable considering the massive compute power the cloud offers. However, as more organizations migrate their critical workloads, they are creating hybrid cloud environments that are both on-premises and in the cloud, which makes maintaining consistent security challenging. Falcon Discover for AWS was built to solve this challenge by helping customers ensure consistent security and risk management of their assets both on-premises in the cloud.Visibility and Context Across AWS EC2 Instances Are Key
Today, customers may have limited visibility into AWS EC2 Instances, forcing them to rely on inadequate and complex third-party products, or build an in-house solution, which can burden IT security resources. CrowdStrike Falcon® Discover for AWS integrates the next-gen functionality of CrowdStrike’s IT hygiene solution to solve two important challenges for AWS customers:- Visibility — The fragmented ownership of AWS assets can prevent discovery of those assets as well as security violations across your enterprise
- Lack of AWS metadata
Benefits of Falcon Discover for AWS
As the only cloud-native, next-generation security solution of its kind, Falcon Discover for AWS offers streamlined integration not available with other third-party solutions, and saves organizations the time and expense of trying to develop these capabilities in-house. Falcon Discover for AWS offers the following benefits:- Identifies security gaps with comprehensive and consistent visibility across all EC2 instances and endpoints: By uniquely combining information from Falcon Discover and AWS metadata, security teams are able to baseline existing EC2 deployments instantly across all regions and subsequently monitor cloud trail logs for any modifications to the environment. This holistic asset management across all data centers and AWS cloud resources allows you to identify unmanaged assets — pinpointing security gaps and closing them.
- Prioritizes detections for faster and more effective response: Falcon Discover for AWS delivers rich AWS metadata on EC2 instances, so that unprotected assets and impacted systems are quickly prioritized. It provides the critical answers analysts need such as: Is this system internet accessible? Does it have Amazon IAM ( identity and access management) roles applied with elevated privileges? Is it on the same Amazon VPC as critical assets? Armed with this context-rich information, organizations can apply proactive measures to dramatically improve their security posture
- Conserves resources with easy deployment and integrated management: Often security teams find they must pivot across a variety of tools and workflows as they attempt to span physical, virtual and cloud environments. Falcon Discover for AWS is one tool that provides instant visibility and control over existing on-premises endpoints and EC2 instances without requiring any additional agents, or installing scripts that can burden teams and slow performance. As a cloud-native security tool, Falcon Discover deploys instantly and scales easily with no hit to performance and no requirement to reboot. It is powered by the Falcon sensor, a single lightweight agent, and managed via the unified Falcon console.