-

CrowdStrike Expands CNAPP Capabilities to Secure Containers and Help Developers Rapidly Identify and Remediate Cloud Vulnerabilities

Expansion of agent-based and agentless protection provides support for Amazon ECS allowing DevSecOps teams to build even more securely on AWS environments

AUSTIN, Texas & BOSTON--(BUSINESS WIRE)--AWS re:Inforce 2022CrowdStrike (Nasdaq: CRWD), a leader in cloud-delivered protection of endpoints, cloud workloads, identity and data, today announced powerful new Cloud Native Application Protection Platform (CNAPP) capabilities that build on its leading agent-based and agentless approach. These enhancements to CrowdStrike Cloud Security extend support to Amazon Elastic Container Service (ECS) within AWS Fargate, expand image registry scanning for eight new container registries and enable Software Composition Analysis (SCA) for open source software.

Containers have changed how applications are built, tested and used, enabling them to be instantly deployed at scale for any environment. As container adoption increases, it’s critical that organizations have access to tools that provide greater visibility into their containerized applications so they can operate more securely. With support for Amazon ECS alongside previously existing support for Amazon Elastic Kubernetes Service (Amazon EKS), organizations have access to more security tools to manage their AWS Fargate environment.

“By shifting left and proactively assessing containers, CrowdStrike customers will be able to identify any vulnerabilities, embedded malware, or stored secrets before they are deployed. Many of our customers rely on AWS as they modernize their IT infrastructure, making it critical to expand our support to services like Amazon ECS,” said Amol Kulkarni, chief product and engineering officer at CrowdStrike. “We look forward to continuing to work with AWS to support our customers.”

Only CrowdStrike delivers agent-based and agentless CNAPP capabilities through a unified, integrated platform. With this release, CrowdStrike extends these capabilities to include:

  • Support for AWS Fargate with Amazon ECS: Bring additional security controls to container environments by identifying rogue containers and drift detection. This capability extends functionality already available for AWS Fargate with Amazon EKS.
  • Software composition analysis: Improve application security and compliance by detecting and remediating vulnerabilities in open source components in the application codebase. Open language support includes Go, JavaScript, Java, Python and Ruby.
  • Image registry scanning for Docker Registry 2.0, IBM Cloud Container Registry, JFrog Artifactory, Oracle Container Registry, Red Hat OpenShift, Red Hat Quay, Sonatype Nexus Repository and VMware Harbor Registry: Enable the identification of hidden threats and configuration issues in containers to reduce the attack surface and secure continuous integration (CI)/continuous delivery (CD) pipelines. This capability extends existing functionality for Amazon Elastic Container Registry (ECR), Docker Registry and additional cloud registries.

“Given the growing adoption of open source and containers, organizations are seeking a CNAPP that enables them to gain full visibility into their development pipeline. It encourages a DevSecOps culture, where developers incorporate security as part of their daily workflow,” said Doug Cahill, vice president, analyst services and senior analyst at Enterprise Strategy Group (ESG). “The addition of SCA and the expansion of new container registries within its image registry scanning tool are compelling additions to CrowdStrike’s CNAPP offering.”

CrowdStrike’s adversary-focused approach to CNAPP provides both agent-based (Falcon CWP) and agentless (Falcon Horizon - CSPM) solutions delivered from the Falcon platform. This gives organizations the flexibility necessary to determine how best to secure their cloud applications across the continuous integration/continuous delivery (CI/CD) pipeline and cloud infrastructure across AWS and other cloud providers. The added benefit of an agent-based CWP solution is that it enables pre-runtime and runtime protection, compared to agentless-only solutions that only offer partial visibility and lack remediation capabilities.

Additional Resources

  • CrowdStrike was named a Strong Performer in The Forrester Wave™: Cloud Workload Security, Q1 2022 report.1

About CrowdStrike

CrowdStrike (Nasdaq: CRWD), a global cybersecurity leader, has redefined modern security with one of the world’s most advanced cloud-native platforms for protecting critical areas of enterprise risk – endpoints and cloud workloads, identity and data.

Powered by the CrowdStrike Security Cloud and world-class AI, the CrowdStrike Falcon® platform leverages real-time indicators of attack, threat intelligence, evolving adversary tradecraft and enriched telemetry from across the enterprise to deliver hyper-accurate detections, automated protection and remediation, elite threat hunting and prioritized observability of vulnerabilities.

Purpose-built in the cloud with a single lightweight-agent architecture, the Falcon platform delivers rapid and scalable deployment, superior protection and performance, reduced complexity and immediate time-to-value.

CrowdStrike: We stop breaches.

Learn more: https://www.crowdstrike.com/
Follow us: Blog | Twitter | LinkedIn | Facebook | Instagram
Start a free trial today: https://www.crowdstrike.com/free-trial-guide/

© 2022 CrowdStrike, Inc. All rights reserved. CrowdStrike, the falcon logo, CrowdStrike Falcon and CrowdStrike Threat Graph are marks owned by CrowdStrike, Inc. and registered with the United States Patent and Trademark Office, and in other countries. CrowdStrike owns other trademarks and service marks, and may use the brands of third parties to identify their products and services.

1 The Forrester Wave™: Cloud Workload Security, Q1 2022

Contacts

Kevin Benacci
CrowdStrike Corporate Communications
press@crowdstrike.com

CrowdStrike

NASDAQ:CRWD

Release Versions

Contacts

Kevin Benacci
CrowdStrike Corporate Communications
press@crowdstrike.com

More News From CrowdStrike

CrowdStrike Named Frost & Sullivan’s 2026 Global Enabling Technology Leader in Zero Trust Browser Security

AUSTIN, Texas--(BUSINESS WIRE)--CrowdStrike (NASDAQ: CRWD) today announced it has been named Frost & Sullivan’s 2026 Global Enabling Technology Leader in Zero Trust Browser Security. The browser has become the operating environment for modern work, where employees access email, SaaS applications, collaboration tools, customer data, and AI services. All this activity makes the browser a high-value target for attackers – sitting between users, identities, applications, and sensitive enterpris...

CrowdStrike Named a Leader in the 2026 IDC MarketScape for Worldwide SIEM

AUSTIN, Texas--(BUSINESS WIRE)--CrowdStrike (NASDAQ: CRWD) today announced it has been named a Leader in the IDC MarketScape: Worldwide SIEM 2026 Vendor Assessment.1 We believe this recognition reflects how CrowdStrike Falcon® Next-Gen SIEM is transforming security operations at global scale, as organizations replace legacy SIEMs to build the agentic SOC on the CrowdStrike Falcon® platform. Legacy SIEMs were built for a threat environment that no longer exists. As AI-enabled adversaries attack...

CrowdStrike Advances AI and Cloud Security Operations on AWS

AUSTIN, Texas & NEW YORK--(BUSINESS WIRE)--AWS Summit New York -- CrowdStrike (NASDAQ: CRWD), in collaboration with Amazon Web Services (AWS), today announced new AI, cloud, and Next-Gen SIEM innovations that help organizations securely build, deploy, and operate AI applications and cloud workloads on AWS. CrowdStrike is expanding CrowdStrike Falcon® AI Detection and Response (AIDR) capabilities on AWS, helping organizations identify and mitigate AI runtime risks across AI applications built wi...
Back to Newsroom