“CrowdStrike allows tremendous visibility into all our endpoint assets, especially when they’re off our network. CrowdStrike also provides actionable alerts our team can manage and therefore they no longer have to waste resources chasing hundreds of false positives."

- Erik Hart, CISO, Cushman & Wakefield

Read all customer stories >

Vulnerability scanning and management

• Improve decision making: Gather insights and details about your cloud workload, and container — images, registries, libraries and containers spun from those images.
• Uncover hidden threats: Find hidden malware, embedded secrets, configuration issues and more in your images to help reduce the attack surface.
• Gain visibility into container environments: Get full visibility into running containers to uncover details surrounding file access, network communications and process activity.
• Identify vulnerabilities faster: Save valuable time with pre-built image scanning policies enabling you to quickly catch vulnerabilities, misconfigurations, and more.
• Eliminate threats prior to production: Block exploitable vulnerabilities based on IOAs before runtime, eliminating headaches for security teams.
• Continuously monitor: Identify new vulnerabilities at runtime, alert and take action without having to rescan images.

Automated CI/CD pipeline security

• Accelerate delivery: Create verified image policies to ensure that only approved images are allowed to progress through your pipeline and run in your hosts or Kubernetes clusters.
• Identify threats earlier: Continuously scan container images for known vulnerabilities, secrets/keys, and configuration issues.
• Assess the vulnerability posture of your pipeline: Uncover malware missed by static scanners before containers are deployed.
• Improve security operations: Streamline visibility for security operations by providing insights and context for misconfigurations and compliance violations.
• Integrate with developer toolchains: Seamlessly integrate with Jenkins, Bamboo, GitLab, and more to remediate and respond faster within the DevOps tool sets you already use.
• Enable DevSecOps: Reporting and dashboards drive alignment and a shared understanding across security operations, DevOps and infrastructure teams.

Runtime protection

• Secure hosts and containers: Falcon runtime protection defends containers against active attacks.
• Broad container support: Supports Linux and Kubernetes environments, such as EKS. Offers container-as-a-service support, including Fargate, providing the same level of protection. Technology previews available for AKS, GKE and Red Hat OpenShift.
• Leverage market-leading protection technologies: Machine learning (ML), artificial intelligence (AI), indicators of attack (IOAs) and custom hash blocking automatically defend against malware and sophisticated threats targeting containers.
• Stop malicious behavior: Behavioral profiling enables you to block activities that violate policy with zero impact to legitimate container operation.
• Investigate container incidents faster: Easily investigate incidents when detections are associated with the specific container and not bundled with the host events.
• See everything: Capture container start, stop, image, runtime information and all events generated inside the container, even if it only runs for a few seconds.
• Deploy seamlessly with Kubernetes: Deploy easily at scale by including it as part of Kubernetes cluster.
• Improve container orchestration: Capture Kubernetes namespace, pod meta data, process, file and network events.

Single source of truth with powerful APIs

• Single data source: Enables security teams with fast access to everything they need to respond and investigate.
• DevOps-ready automation: Powerful APIs allow automation of CrowdStrike Falcon® functionality, including detection, management, response and intelligence.
• Optimize business performance: Unlock security orchestration, automation and other advanced workflows to optimize business performance.
• Integrate with CI/CD pipelines: Chef, Puppet and AWS Terraform integrations support CI/CD workflows.
• Protection at the speed of DevOps: Falcon protects immediately and matches the speed of DevOps, adapting to the dynamic scalability of containers in real time with CI/CD integration via API and pre-boot scripts.

Simplicity and performance

• Simplifies DevSecOps adoption: Reduces the overhead, friction and complexity associated with protecting cloud workloads, containers, and serverless environments.
• Single-pane of glass: One console provides central visibility over cloud security posture, workloads, and containers regardless of their location.
• Complete policy flexibility: Apply at individual workload, container, group or higher level and unify policies across both on-premises and multi-cloud deployments.
• Scales at will: No rearchitecting or additional infrastructure required.
• Broad platform support: The Falcon® platform supports Open Container Initiative (OCI)-based containers such as Docker and Kubernetes and also self-managed and hosted orchestration platforms such as GKE (Google Kubernetes Engine), EKS (Amazon Elastic Kubernetes Service), ECS (Amazon Elastic Container Service), AKS (Azure Kubernetes Service), and OpenShift.

DevOps & cloud-native

Click the links below to visit the CrowdStrike Integration Center

• Go Falcon CS GoLang OAuth2 API SDK
• Falcon Py CS Python OAuth2 API SDK
• PS Falcon CS Powershell OAUTH2 API SDK
• Kubectl-Falcon: Plug-in to kubectl command-line tool
• Falcon Helm: Falcon Helm Chart and the Helm Operator are designed to deploy and manage the Falcon sensor
• Falcon Operator: Simplifies building container applications
• AWS Guard Duty