AWS and CrowdStrike

• Migration: From lift-and-shift workload migrations to application modernization, a migration to Amazon Web Services (AWS) enables new levels of agility and innovation, as well as opportunities to reduce costs. Persistent threats pose a critical risk during migration phases, exposing sensitive data and systems to vulnerabilities as organizations transition their assets to new cloud environments. Regardless of where an organization is in their cloud migration journey, AWS and CrowdStrike can help securely migrate to the cloud with confidence. 

• Event-driven Automation: AWS unlocks speed, scale, and operational efficiency by leveraging Infrastructure-as-Code to deploy cloud services, scaling in response to changes in usage, and triggering actions in response to specific events. With CrowdStrike’s portfolio of AWS integrations including the comprehensive AWS Built-in template, Falcon Cloud Security components are automatically deployed as you provision new AWS resources to ensure complete coverage at any given moment. 

• Multi-account Support: AWS multi-account environments are a best-practice to help customers maintain functional and security boundaries between workloads while simplifying multi-account access and administration. CrowdStrike integrates with AWS Organizations and Control Tower to provide centralized asset visibility and Falcon Cloud Security deployment across the desired segmented environment.

• Integrated Protection: CrowdStrike Falcon Cloud Security integrates seamlessly with AWS compute services such as EC2, Graviton instances, ECS, EKS, Fargate, ROSA, Workspaces, and Outposts to deliver deep runtime protection based on our category-defining endpoint detection and response, with pre-runtime vulnerability and misconfiguration scanning of ECR container images, Lambda functions, and Infrastructure-as-Code templates. CrowdStrike and AWS integrations allow organizations to innovate securely and efficiently in the cloud. 

• Security Tool Consolidation: One of the key advantages of CrowdStrike Falcon Cloud Security is its ability to consolidate multiple security tools into a single platform by offering a full CNAPP solution. Platform consolidation and event correlation across cloud and on-prem workloads delivers more effective breach protection and reduces TCO through streamlined security operations, allowing for a more integrated security posture and simplified management.

• Hybrid Identity Support: Frictionless security requires all users, whether in AWS or on-premise, to be authenticated, authorized and continuously validated. CrowdStrike Falcon Identity Protection provides a unified visibility and control of access to applications, resources and identity stores including Microsoft Active Directory, Azure Entra ID, Okta, and PingFed. With real-time threat prevention and IT policy enforcement using identity, behavioral and risk analytics, CrowdStrike is able prevents user fatigue and simultaneously secures service and privileged accounts. It also enables organizations to enforces consistent risk-based policies across cloud and legacy systems with zero friction - actions include block, allow, audit and step-up using MFA.  Finally it optimizes log storage costs by storing only relevant authentication logs.

• Comprehensive Asset Visibility: CrowdStrike Falcon Cloud Security gives an overview of all AWS assets, identifying vulnerabilities, misconfigurations, and instances of excessive permissions or unauthorized access. Integration with AWS services enhance security visibility, ensuring that all aspects of the AWS environment are consistently monitored.
• Enhanced Application Security: CrowdStrike addresses the unique challenges of securing microservices environments, providing visibility into the application layer. This ensures that security is not just limited to the infrastructure but extends to protect the applications running on AWS, guarding against vulnerabilities that could be exploited in a microservices architecture.Breach Protection.

Learn more about Crowdstrike on AWS Marketplace »