After bringing its flagship Falcon endpoint protection platform to Amazon Web Services last year, CrowdStrike Inc. is adding better support for Microsoft Corp.’s Azure and Google Cloud to court enterprises with heterogeneous cloud environments.
The company unveiled the update today at the RSA Conference in San Francisco.
Falcon is used by organizations to protect cloud environments, servers, employee devices and other endpoints from hackers. The improved cloud support unveiled at RSA takes the form of upgrades to Discover, Falcon’s monitoring module, that enable Discover to be used inside Azure and Google Cloud deployments.
Discover gives administrators information on virtual machines that don’t have Falcon installed and may therefore be vulnerable to attack. In addition, the tool provides general system data for instances that administrators can consult when investigating a potential breach. Discover shows the unique identifier of a breached instance, the operating system it runs, its IP address and related details.
The second major focus of the new Falcon release is container security. CrowdStrike says that the platform now provides endpoint detection and response features, as well as real-time runtime protection, for software containers and the servers on which they’re deployed.
“Security teams operate in heterogeneous environments and need a unified solution that seamlessly and reliably protects workloads across all environments,” said CrowdStrike Chief Product Officer Amol Kulkarni.
The approach CrowdStrike is taking to address this need, providing a one-stop-shop endpoint protection platform that can secure a variety of different systems, is one competitors have adopted as well. SentinelOne Inc. is among the most prominent examples. The startup, which this month raised $200 million in funding, sells an endpoint protection platform that can likewise protect a variety of assets ranging from employee laptops to containers.
One-stop-shop solutions and product suites have found a niche in the security market simply because using one integrated toolkit is easier than using multiple point solutions. Tasks such as syncing breach data among tools become less of a challenge.
The complex reality of network protection in the enterprise is influencing not just security software makers’ product roadmaps but also the decisions of cybersecurity investors. SentinelOne’s mammoth funding round is just one example. Another is SCVX Corp., a firm that went public this year with the sole purpose of buying up security companies and assembling them into what Chief Product Officer Hank Thomas described in a recent interview with SiliconANGLE as a “multicapable platform.”