AWS and CrowdStrike

Innovate with AWS. Secure with CrowdStrike.

Crowdstrike and AWS

As organizations migrate to the cloud, they face a complex and growing threat landscape of sophisticated and cloud-conscious threat actors. Organizations must be prepared to address these security challenges from Day One. CrowdStrike’s Falcon platform allows customers to consolidate their security toolbox via a single platform, console, and agent.

Falcon Cloud Security integrates with over 50 AWS services to deliver effective protection at every stage of the cloud journey, combining multi-account deployment automation, sensor-based runtime protection, agentless API attack and misconfiguration detection, and pre-runtime scanning of containers, Lambda functions and IaC templates.

Falcon Identity Protections strengthens an organization’s identity security posture and ensures the right person has the right access to the right resources at the right time.  provides visibility for identity-based attacks and anomalies, comparing live traffic against behavior baselines and rules to detect attacks and lateral movement. Since most breaches involve compromised credentials and lateral movement, the best path for securing every domain and organization’s environment is by automating threat detection and creating dynamic risk profiling and alerting on identity traffic. With real-time alerts, Falcon Identity Threat Detection provides visibility into compromised credentials across hybrid identity stores, enabling secure cloud migrations. CrowdStrike named a Leader: 2024 Forrester Wave™ for Cloud Workload Security

Learn about CrowdStrike's areas of focus and benefits.

AWS Migration Made Secure: How CrowdStrike Protects Your Journey (6:03)

Areas of Focus

Secure As You Deploy

  • Migration: From lift-and-shift workload migrations to application modernization, a migration to Amazon Web Services (AWS) enables new levels of agility and innovation, as well as opportunities to reduce costs. Persistent threats pose a critical risk during migration phases, exposing sensitive data and systems to vulnerabilities as organizations transition their assets to new cloud environments. Regardless of where an organization is in their cloud migration journey, AWS and CrowdStrike can help securely migrate to the cloud with confidence. 
  • Event-driven Automation: AWS unlocks speed, scale, and operational efficiency by leveraging Infrastructure-as-Code to deploy cloud services, scaling in response to changes in usage, and triggering actions in response to specific events. With CrowdStrike’s portfolio of AWS integrations including the comprehensive AWS Built-in template, Falcon Cloud Security components are automatically deployed as you provision new AWS resources to ensure complete coverage at any given moment. 
  • Multi-account Support: AWS multi-account environments are a best-practice to help customers maintain functional and security boundaries between workloads while simplifying multi-account access and administration. CrowdStrike integrates with AWS Organizations and Control Tower to provide centralized asset visibility and Falcon Cloud Security deployment across the desired segmented environment.

Protect AWS Resources

  • Integrated Protection: CrowdStrike Falcon Cloud Security integrates seamlessly with AWS compute services such as EC2, Graviton instances, ECS, EKS, Fargate, ROSA, Workspaces, and Outposts to deliver deep runtime protection based on our category-defining endpoint detection and response, with pre-runtime vulnerability and misconfiguration scanning of ECR container images, Lambda functions, and Infrastructure-as-Code templates. CrowdStrike and AWS integrations allow organizations to innovate securely and efficiently in the cloud. 
  • Security Tool Consolidation: One of the key advantages of CrowdStrike Falcon Cloud Security is its ability to consolidate multiple security tools into a single platform by offering a full CNAPP solution. Platform consolidation and event correlation across cloud and on-prem workloads delivers more effective breach protection and reduces TCO through streamlined security operations, allowing for a more integrated security posture and simplified management.
  • Hybrid Identity Support: Frictionless security requires all users, whether in AWS or on-premise, to be authenticated, authorized and continuously validated. CrowdStrike Falcon Identity Protection provides a unified visibility and control of access to applications, resources and identity stores including Microsoft Active Directory, Azure Entra ID, Okta, and PingFed. With real-time threat prevention and IT policy enforcement using identity, behavioral and risk analytics, CrowdStrike is able prevents user fatigue and simultaneously secures service and privileged accounts. It also enables organizations to enforces consistent risk-based policies across cloud and legacy systems with zero friction - actions include block, allow, audit and step-up using MFA.  Finally it optimizes log storage costs by storing only relevant authentication logs.

Complete Cloud Visibility

  • Comprehensive Asset Visibility: CrowdStrike Falcon Cloud Security gives an overview of all AWS assets, identifying vulnerabilities, misconfigurations, and instances of excessive permissions or unauthorized access. Integration with AWS services enhance security visibility, ensuring that all aspects of the AWS environment are consistently monitored.
  • Enhanced Application Security: CrowdStrike addresses the unique challenges of securing microservices environments, providing visibility into the application layer. This ensures that security is not just limited to the infrastructure but extends to protect the applications running on AWS, guarding against vulnerabilities that could be exploited in a microservices architecture.Breach Protection.

Learn more about Crowdstrike on AWS Marketplace »

CrowdStrike & AWS Dev Day

Join CrowdStrike & AWS for a virtual Dev Day. Get hands-on experience with the CrowdStrike Falcon platform, built natively on the cloud, and see how you can enhance the security of your AWS workloads.

CrowdStrike Benefits

CrowdStrike Falcon Cloud Security (FCS) stops breaches with a unified agent and agentless approach to cloud security, extending from code to cloud in a single platform. It covers the key areas required for CNAPP with pre-runtime, run-time protection, and agentless technology. CrowdStrike offers a range of cloud threat detection and response services including incident response, threat hunting, assessment, and 24/7 MDR services for your entire cloud estate. FCS also helps you discover and map your apps and APIs running in production, showing you all attack surfaces, threats, and critical business risks.

Keep Complex Cloud Migrations on Track

CrowdStrike empowers organizations to embark on their cloud adoption journey with confidence, securing the foundational infrastructure against a rapidly changing threat landscape.
 

Complete Cloud Security

Falcon Cloud Security lets you provision secure infrastructure, run secure workloads and deploy secure applications. 
 

Automate Workload Discovery

Keep up with the dynamic, flexible nature of the AWS cloud and eliminate manual processes using automated discovery, uncover and mitigate risks, and reduce the attack surface.
 
 

Secure Diverse Workloads

Visibility at scale is crucial if multiple AWS accounts are handling multiple compute instances. CrowdStrike and AWS have teamed up to help organizations manage, govern, and multi-account AWS environments.

Read now »

Strengthen Security and Compliance

Reduce compliance risk with proven technology that can help you respond to a breach. Assess your organizational and technical abilities for maintaining the integrity and confidentiality of personal data.

Learn more »

Protect Cloud Identities

Learn how the failure to secure cloud identities can result in a breach and how d innovations in CrowdStrike Falcon® Identity Protection can stop identity attacks in the cloud.
 
 

Customer Success with CrowdStrike

Roper Technologies

“CrowdStrike lets us look at all of our assets in AWS in one place to ensure everything is protected.”
 
Karin Thibault, VP of Cybersecurity Report Technologies
 

Read the case study

Mercury Financial

 
“By giving us end-to-end protection, CrowdStrike has helped us build a culture of security.”
 
Alex Arango, Deputy CISO Mercury Financial
 

Read the case study

Geisinger

 
“CrowdStrike gave us the flexibility to quicky move from protecting our PCs to AWS pods at the click of a button, and with the same platform we know and trust.”
 
Zack Gable, GISO Geisinger
 

Read the case study

Connect with CrowdStrike

Definitive protection for everything you build and run in the cloud-delivered by CrowdStrike and AWS