Highlights

  • 80% of businesses claimed last year that they had had one or more breaches that could have been caused by a lack of cybersecurity knowledge and/or awareness.
  • Security teams have a weapon at their disposal with Falcon OverWatch Cloud Threat Hunting to continuously identify sophisticated threats that originate in cloud settings and persist there.

CrowdStrike, an endpoint and cloud protection provider, announced the introduction of Falcon OverWatch Cloud Threat Hunting, calling it “the industry’s first standalone threat hunting solution.”

Maintaining visibility over complicated cloud infrastructures is among the most urgent day-to-day issues security teams deal with. Modern businesses have a vast attack surface of cloud-based, internet-facing assets that they must continually safeguard with specialized knowledge.

Unfortunately, few firms know how to defend their environments due to the ongoing cyber skills gap. 80% of businesses claimed last year that they had one or more breaches that might have been caused by a lack of cybersecurity knowledge and awareness. These difficulties have a standalone solution: Falcon OverWatch Cloud Threat Hunting. Security teams have a weapon at their disposal with Falcon OverWatch Cloud Threat Hunting to continuously identify sophisticated threats that originate in cloud settings and persist there. This aids on-site analysts in detecting vulnerabilities that expose sensitive data.

Addressing the lack of cloud skills

The introduction coincides with a continuous scarcity of cloud security capabilities. According to a 2022 IDC poll, cloud security skills rank first among security leaders’ skills gaps, followed by data management (23%) and analytics and intelligence (22%).

For years, the lack of cyber skills and the complexity of cloud-native systems have made it challenging for businesses to completely defend themselves against sophisticated attacks by knowledgeable cybercriminals.

“Modern attacks make the most of today’s vast cloud attack surface — serverless workload vulnerabilities, misconfigured services, and container registry dependencies are just a few of the issues ripe for adversary compromise and weaponization,” said VP of OverWatch, Param Singh.

“Making matters worse, as adversaries shift their operations to the cloud, security teams struggle to keep pace and don’t have the requisite skills or resources to monitor, manage and protect their critical and rapidly expanding cloud estates,” Singh said.

To meet these problems, Falcon OverWatch Cloud continuously scans the cloud for threats and suspicious activity, including misconfigurations, application behavior abnormalities, container escapes, API privilege escalations, and worker node compromise. It also looks for control plane and serverless workload vulnerabilities. The system offers deep visibility into cloud-based threats in real time and is built on a cloud sensor network that secures over 1.5 billion containers daily.

A look into CNAPP, cloud threat hunting, and the market for cloud security

With its new product, CrowdStrike is entering the USD 40.8 billion global cloud security industry, which analysts predict will reach USD 77.5 billion by 2026 at a compound annual growth rate (CAGR) of 13.7%.

Although Singh claims that Falcon OverWatch doesn’t have any direct rivals as a tool that businesses may employ to secure cloud environments, it faces off against cloud-native application protection platforms (CNAPPs) like Palo Alto Networks Prisma Cloud.

In order to assist users in completely securing their environments, Prisma Cloud offers a solution to secure cloud setups and scan code in addition to detection and response capabilities. For the third quarter of 2022, Palo Alto Networks declared an increase in overall sales of USD 1.4 billion.

A different rival is Check Point, which offers the CloudGuard CNAPP platform. It provides threat-prevention capabilities for assets and workloads, using machine learning that can identify anomalies that suggest malicious behavior, in addition to features like auto-provisioning to facilitate cloud management. Check Point made USD 599 million in revenue last year.

Singh counters that the telemetry Falcon OverWatch receives from CrowdStrike Security Cloud sets it apart from other cloud security options.

“Falcon OverWatch is a truly unique and differentiated proactive service, spearheaded by its highly skilled, human-led operations and unmatched telemetry and visibility into the CrowdStrike Security Cloud, which processes more than one trillion events every day,” Singh said.