CrowdStrike has launched Falcon OverWatch Cloud Threat Hunting, a service that identifies threats originating, operating or persisting in cloud environments.
The announcement further blurs the line between security software companies and MSSPs, as CrowdStrike continues to branch out from endpoint detection and response (EDR) capabilities to managed detection and response (MDR) and threat hunting services.
Seeing Through the Cloud
OverWatch Cloud Threat Hunting provides organizations with visibility into their cloud environments and allows them to observe and disrupt cloud threats, CrowdStrike noted. It helps organizations prevent security incidents and keep customers up to date about cloud-based attacks, including:
- Malicious activity in Amazon Web Services (AWS), Google Cloud Platform (GCP) and Microsoft Azure environments
- Hands-on-keyboard activity and zero-days that can compromise cloud workloads and containers in production
- Control plane and serverless vulnerabilities, misconfigurations and other cloud-based indicators of attacks (IOAs)
- Attack paths that exploit traditional IT assets to gain initial entry and move on to cloud applications, systems and data
In addition, OverWatch Cloud Threat Hunting uses CrowdStrike's Cloud Native Application Protection Platform (CNAPP) capabilities, the company said. It is also backed by cloud threat hunters who investigate suspicious and anomalous behaviors and activities.
CrowdStrike Continues to Explore Growth Opportunities
The OverWatch Cloud Threat Hunting announcement comes after CrowdStrike bolstered its security services portfolio and extend its cybersecurity and channel market reach in 2022:
- Investing in MSSP- and MSP-focused cybersecurity startups. CrowdStrike has invested in Dig, Do Control, Cybersixgill and other MSSP- and MSP-focused cybersecurity startups.
- Unveiling multi-cloud threat hunting capabilities. CrowdStrike integrated multi-cloud threat hunting capabilities into CNAPP to help organizations hunt for threats in cloud environments and workloads and reduce their mean time to respond to security incidents.
- Hiring McAfee and Sophos veteran Michael Rogers as global channel chief. CrowdStrike appointed Michael Rogers as its vice president of global business development to lead the company into its "next chapter of partner growth," Chief Sales Officer Jim Seidel said.
CrowdStrike delivers cybersecurity services to help organizations protect their endpoints, cloud workloads, identities and data. The company also provides the Elevate Partner Program, which allows MSSPs and MSPs to integrate its security capabilities into their offerings.