Expansion of agent-based and agentless protection provides support for Amazon ECS allowing DevSecOps teams to build even more securely on AWS environments
CrowdStrike, a leader in cloud-delivered protection of endpoints, cloud workloads, identity and data, announced powerful new Cloud Native Application Protection Platform (CNAPP) capabilities that build on its leading agent-based and agentless approach. These enhancements to CrowdStrike Cloud Security extend support to Amazon Elastic Container Service (ECS) within AWS Fargate, expand image registry scanning for eight new container registries and enable Software Composition Analysis (SCA) for open source software.
“We look forward to continuing to work with AWS to support our customers.”
Containers have changed how applications are built, tested and used, enabling them to be instantly deployed at scale for any environment. As container adoption increases, it’s critical that organizations have access to tools that provide greater visibility into their containerized applications so they can operate more securely. With support for Amazon ECS alongside previously existing support for Amazon Elastic Kubernetes Service (Amazon EKS), organizations have access to more security tools to manage their AWS Fargate environment.
“By shifting left and proactively assessing containers, CrowdStrike customers will be able to identify any vulnerabilities, embedded malware, or stored secrets before they are deployed. Many of our customers rely on AWS as they modernize their IT infrastructure, making it critical to expand our support to services like Amazon ECS,” said Amol Kulkarni, chief product and engineering officer at CrowdStrike. “We look forward to continuing to work with AWS to support our customers.”
Latest ITechnology News: Rescale Delivers New Capabilities for HPC, Applied AI and ML with NVIDIA
Only CrowdStrike delivers agent-based and agentless CNAPP capabilities through a unified, integrated platform. With this release, CrowdStrike extends these capabilities to include:
- Support for AWS Fargate with Amazon ECS: Bring additional security controls to container environments by identifying rogue containers and drift detection. This capability extends functionality already available for AWS Fargate with Amazon EKS.
- Software composition analysis: Improve application security and compliance by detecting and remediating vulnerabilities in open source components in the application codebase. Open language support includes Go, JavaScript, Java, Python and Ruby.
- Image registry scanning for Docker Registry 2.0, IBM Cloud Container Registry, JFrog Artifactory, Oracle Container Registry, Red Hat OpenShift, Red Hat Quay, Sonatype Nexus Repository and VMware Harbor Registry: Enable the identification of hidden threats and configuration issues in containers to reduce the attack surface and secure continuous integration (CI)/continuous delivery (CD) pipelines. This capability extends existing functionality for Amazon Elastic Container Registry (ECR), Docker Registry and additional cloud registries.
ITechnology Cloud News: Tackle.io Furthers Strategic Partnership with Microsoft to Help Independent Software Vendors
“Given the growing adoption of open source and containers, organizations are seeking a CNAPP that enables them to gain full visibility into their development pipeline. It encourages a DevSecOps culture, where developers incorporate security as part of their daily workflow,” said Doug Cahill, vice president, analyst services and senior analyst at Enterprise Strategy Group (ESG). “The addition of SCA and the expansion of new container registries within its image registry scanning tool are compelling additions to CrowdStrike’s CNAPP offering.”
CrowdStrike’s adversary-focused approach to CNAPP provides both agent-based (Falcon CWP) and agentless (Falcon Horizon – CSPM) solutions delivered from the Falcon platform. This gives organizations the flexibility necessary to determine how best to secure their cloud applications across the continuous integration/continuous delivery (CI/CD) pipeline and cloud infrastructure across AWS and other cloud providers. The added benefit of an agent-based CWP solution is that it enables pre-runtime and runtime protection, compared to agentless-only solutions that only offer partial visibility and lack remediation capabilities.
Latest ITechnology News: McAfee Expands Partnership with Visa to Offer UK Visa Business Cardholders Online Protection Software
[To share your insights with us, please write to sghosh@martechseries.com]