IDC MarketScape

CrowdStrike Expands Cloud Detection and Response Leadership to Stop Cloud Breaches

CrowdStrike has announced new Cloud Detection and Response (CDR) innovations to unify industry-leading managed threat hunting with deep visibility across cloud, identity and endpoints to speed detection and response across every stage of a cloud attack. Beginning with Microsoft Azure, new CDR innovations expand visibility into cloud control plane activity, strengthening existing threat hunting for cloud runtime environments.

CrowdStrike Expands Cloud Detection and Response Leadership to Stop Cloud Breaches

With cloud intrusions growing 75% in the past year, cloud is the new battleground as adversaries increasingly leverage identity-based attacks to exploit visibility gaps created by fragmented platforms and cloud security point products. At the same time, Cloud SecOps teams face an emerging skills gap in cloud security expertise that can significantly delay detection and response times to threats.


cloud detection


With this release, the powerful combination of CrowdStrike’s proven expertise in 24/7 managed threat hunting and its industry-defining Cloud Native Application Protection Platform (CNAPP) sets a new standard for CDR by delivering the visibility across and within clouds, identities and endpoints needed to stop cloud breaches, even as threats move laterally from cloud to endpoint.

“CrowdStrike pioneered EDR, we established MDR before it was a category and now we’re setting the standard for what CDR delivers and can do for customers. Stopping cloud breaches requires rapid detection and response, but too often, Cloud SecOps teams are forced to manage multiple platforms and point products to get the visibility they need across their cloud infrastructure,” said Michael Sentonas, president at CrowdStrike. “The combination of CrowdStrike’s industry-leading cloud threat hunting services and comprehensive CNAPP provides a powerful force multiplier for Cloud SecOps teams to consolidate tools, close gaps in visibility and deliver the security outcome that matters most – stopping the breach.”

Stopping Identity-Based Attacks in the Cloud
As noted in the DHS Cyber Safety Review Board (CSRB), the Summer 2023 breach of Microsoft Exchange Online was “preventable and should never have occurred.” Adversaries commonly use identity-based attacks to breach customer cloud environments, and the security lapse noted in the CSRB report highlights the critical need to proactively detect and respond to cloud attacks, especially for Microsoft Azure environments.

With this release, CrowdStrike delivers the world’s most comprehensive cloud detection and response service by:

  • Protecting Cloud Control Planes: Beginning with Microsoft Azure, CrowdStrike expands visibility into cloud control plane activity, complimenting existing threat hunting for cloud runtime environments.
  • Stopping Cloud Identity Threats: CrowdStrike’s unified platform approach enables cloud threat hunters to proactively monitor and prevent compromised users and credentials from being exploited in cloud attacks.
  • Preventing Adversary Lateral Movement: The unified AI-native CrowdStrike Falcon platform empowers CrowdStrike cloud threat hunters to track lateral movement from cloud to endpoint, enabling rapid response and actionable insights for decisive remediation from indicators to root cause.