CrowdStrike Empowers DevSecOps Teams to Strengthen and Streamline Cloud Security

Over the last decade, the swift adoption of cloud technology has heightened the complexity of IT environments and broadened the enterprise attack surface. To protect this growing infrastructure, organizations have adopted disparate cloud security solutions such as identity and access management (IAM) tools, application security tools and endpoint protection tools.

Unfortunately, this influx of point products only further complicates the IT environment and impedes visibility. Further, these solutions require manual correlation, which often leads to undetected misconfigurations and code vulnerabilities that expose cloud environments to attack.

Today’s threat actors are constantly seeking the easiest ways to infiltrate organizations. They are eager to exploit these security gaps and can quickly move laterally in cloud environments. Businesses need a complete cloud security solution to protect code from build to runtime so they can detect and respond to cyberattacks.

Recent updates to CrowdStrike Falcon® Cloud Security accelerate vulnerability detection, improve open source integrations and simplify collaboration across DevSecOps — all capabilities organizations need to stop modern attacks targeting the cloud.

Let’s take a closer look at them.

Faster Vulnerability Detection

On-premises registry scanner: The new on-premises registry scanner in Falcon Cloud Security allows local scans for registries that cannot connect to the CrowdStrike Falcon® cybersecurity platform. This may happen, for example, if there are security policies that prohibit source code from leaving the customer’s environment. This enables coverage across a customer’s entire infrastructure.

ExPRT.AI ratings: Our groundbreaking ExPRT.AI model combines our threat intelligence with real-time, AI-powered analysis to provide deep insight into vulnerabilities and critical areas of risk. With ExPRT.AI, only a small percentage of CVEs are assigned critical and high ratings, while the rest receive lower ratings for later remediation. This automated risk prioritization helps eliminate the toil of manually correlating vulnerability data with telemetry from other security tooling or manually checking the number of instances of a vulnerability in production to determine risk.

Container image assessment for vulnerabilities: This capability enables teams to continuously scan all container images, both within registry containers and during the build process, thanks to the integration between Falcon Cloud Security and CrowdStrike Falcon® Exposure Management. This integration helps ensure no vulnerabilities go undetected.

Enhanced supply chain security with new malware detections for the CI/CD pipeline: New malware detections for the CI/CD pipeline leverage highly trained, proprietary machine learning models to identify the presence of malicious files in container images before they are deployed.

To see additional recent feature releases supporting serverless, read this CrowdStrike blog.

Enhanced Open Source Integrations

New integrations with GitHub Action: To strengthen our many capabilities with GitHub, we’ve recently added new integrations with GitHub Action. These integrations reduce manual security efforts and automate detections of misconfigurations, tightening security while streamlining build.

New integration with Terraform: DevSecOps teams can now benefit from our integration with Terraform — the newest in a long list of compatible integrations. Our integration with Terraform allows for automated, consistent and efficient deployment, seamlessly building security detections into the development process.

We believe security should never break the stride of innovation, which is why we make it our mission to provide security tools that seamlessly work within existing engineering workstreams — that's why CrowdStrike offers a breadth of registry integrations.

Simplified Collaboration

New role-based access controls for cloud teams: CrowdStrike now provides DevSecOps teams with new role-based access control (RBAC) for cloud teams. We provide full transparency and enhance strategic communication across DevSecOps with RBAC that enforces the principle of least privilege and offers detailed logs of all access activity.

Teams for CrowdStrike Falcon® Application Security Posture Management: Building secure applications requires shifting left to secure the code pipeline in production. The key to maintaining secure applications after deployment is visibility and control provided by application security posture management (ASPM). With Teams for ASPM, customers can efficiently manage access and improve collaboration across their organization. Teams for ASPM delivers greater control and flexibility to DevSecOps teams and Falcon administrators, allowing them to provide access to only the business applications and microservices that an individual or team is responsible for. Teams can access all of the data needed to do their jobs while staying within their defined scope of work — fostering collaboration among those working to secure applications.

CrowdStrike Falcon® Fusion SOAR workflows for infrastructure as code (IaC): Powered by CrowdStrike Falcon® Next-Gen SIEM, Falcon Fusion SOAR workflows for IaC enable organizations to build automated remediation flows with insight into the owner of an IaC template, as well as notification mechanisms that integrate into existing DevOps processes.