fbpx

Representative offices: 

Request callback
btn

CrowdStrike and AWS Expand Integrations to Provide Customers Multi-layered Protection Against Ransomware Attacks and Sophisticated Threats

News

Organizations continue to be targeted by sophisticated threats that lead to potential breaches. Customers need the proper people, process, intelligence and technology to be able to reduce risk and stop these threats. Recently, CrowdStrike announced an expansion to the technical collaborations they have with AWSto give customers enhanced protection against threats across cloud, workloads, identities and endpoints.


The expanded partnership includes:

  • AWS CloudEndure Disaster Recovery
  • AWS IAM Analyzer
  • Distributor in AWS Systems Manage


Defending Against Ransomware

In today’s world, backups and disaster recovery are a must to defend against adversaries, as we have seen with recent security incidents that force an entire organization’s operation capacity to a halt. Unfortunately, some of these organizations didn’t have an Emergency Recovery Plan, which means no backups of their data or ability to quickly recover their applications. Some of the organizations that did have a plan saw their backups encrypted by threat actors as part of the ransomware campaign.

To help protect against these attacks, the CrowdStrike Falcon platform now coordinates with CloudEndure Disaster Recovery , an AWS Company. By leveraging CrowdStrike`s expertise, powerful artificial intelligence (AI)-powered CrowdStrike Threat Graph database, and indicator of attack (IOA) technology, CrowdStrike Cloud Security Assessment can deliver actionable insights into security misconfigurations and deviations from recommended cloud security architecture to help clients prevent, detect and recover from breaches. CloudEndure helps customers restore their applications within minutes, minimizing business disruption. In the event of a breach, the Falcon platform will isolate the server, and while CrowdStrike goes to work removing the ransomware, you can spin up an instance of that server within minutes on AWS to continue operating as normal.

By conducting deep-dive forensic analysis of individual systems as well as broad compromise assessment of customers’ entire environment,CrowdStrike can determine the initial point of entry and root cause of the attack, identify the full scope of systems targeted, understand the type of data affected by the attack, and prevent future attacks. Customers can also take advantage of CloudEndure’s recovery checkpoints to go as far back as 90 days for all servers and data, allowing them to recover in minutes to a point in time prior to a ransomware infection and remove the complexity of re-architecting a network and additional infrastructure requirements.


Preventing Identity-based Threats

To provide identity protection and prevent unauthorized access into systems and applications, CrowdStrike now offers AWS IAM Analyzera feature in CrowdStrike Falcon Horizon. The AWS IAM Analyzer assesses AWS IAM services, apps, users, roles and permissions across all cloud accounts, enabling security teams to continuously monitor AWS accounts for excessive or unused permissions, identify suspicious permission escalation, and audit AWS cloud services for actions allowed per resource, user, group and role. This solution prevents users from putting their organization at risk by automating the detection and remediation of identity-based risks across your AWS environment.


Automating Sensor Package Deployment and Management for EC2 Instances

The most valuable asset is time. Automating repetitive tasks performed by employees that could be better spent elsewhere is crucial to an organization’s security posture and staying ahead of the threat landscape. CrowdStrike now integrates directly with Distributor in AWS Systems Manager, allowing customers to enhance security and compliance through automation of operational tasks, making workload deployments efficient and secure. Customers can now easily select to install the pre-built CrowdStrike Falcon sensor directly from Distributor without additional configuration, shortening time to deployment. AWS Systems Manager then provides customers improved visibility and control with centralized operational data from multiple AWS services and automated tasks across AWS resources. Customers are able to manage all sensor packages in one place and quickly choose which CrowdStrike Falcon agent software versions to install for their workloads. With this integration, customers can manage all deployments using a single user interface to further streamline operations.


Previously Announced Integrations

  • CrowdStrike + AWS Network Firewall: Accelerates incident response by quickly blocking access to known malicious domains across AWS footprints. Customers can proactively hunt for threats for suspicious activity based on industry vertical, threat actor or tactics, techniques and procedures (TTPs) across their Falcon-managed hosts and networks.
  • AWS Security Hub with CrowdStrike Falcon: Provides a comprehensive, real-time view of high-priority security alerts, and allows teams to automate security tasks and improve overall protection across DevOps, CISO, cloud architects and operations.
  • AWS GuardDuty and CrowdStrike Falcon: Uses AI/machine learning and IOA-based threat analysis to correlate network traffic with security findings, providing a defense-in-depth strategy against advanced attacks.


iIT Distribution understands the important role that effective and advanced cybersecurity tools play in the well-being of an organization. Therefore, we promote and offer our customers the best platforms from innovative leading companies in the Ukrainian market. The wide range of software and hardware solutions allows us to choose the best option that meets the structure and needs of a particular company.


Learn more about CrowdStrike's solutions.

Back

Mobile Marketing
+
en_GBEnglish