惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

H
Heimdal Security Blog
A
Arctic Wolf
K
Kaspersky official blog
V
Vulnerabilities – Threatpost
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Simon Willison's Weblog
Simon Willison's Weblog
L
LINUX DO - 热门话题
MongoDB | Blog
MongoDB | Blog
T
Threat Research - Cisco Blogs
D
Docker
爱范儿
爱范儿
T
Tenable Blog
C
Check Point Blog
B
Blog
C
Cisco Blogs
Vercel News
Vercel News
The Cloudflare Blog
T
Threatpost
NISL@THU
NISL@THU
T
Tor Project blog
V2EX - 技术
V2EX - 技术
P
Palo Alto Networks Blog
Application and Cybersecurity Blog
Application and Cybersecurity Blog
T
Tailwind CSS Blog
G
GRAHAM CLULEY
P
Privacy & Cybersecurity Law Blog
SecWiki News
SecWiki News
博客园 - 司徒正美
S
Security @ Cisco Blogs
GbyAI
GbyAI
S
Secure Thoughts
Microsoft Security Blog
Microsoft Security Blog
The Register - Security
The Register - Security
Recorded Future
Recorded Future
Cloudbric
Cloudbric
Webroot Blog
Webroot Blog
N
News and Events Feed by Topic
Y
Y Combinator Blog
博客园_首页
T
Troy Hunt's Blog
The Hacker News
The Hacker News
雷峰网
雷峰网
Google DeepMind News
Google DeepMind News
U
Unit 42
AWS News Blog
AWS News Blog
PCI Perspectives
PCI Perspectives
V
Visual Studio Blog
博客园 - 聂微东
有赞技术团队
有赞技术团队
酷 壳 – CoolShell
酷 壳 – CoolShell

Blog

CrowdStrike CrowdStrike CrowdStrike CrowdStrike CrowdStrike CrowdStrike CrowdStrike CrowdStrike CrowdStrike CrowdStrike CrowdStrike CrowdStrike CrowdStrike CrowdStrike CrowdStrike Why AI Projects Stall and How CIOs Can Respond | CrowdStrike CrowdStrike Leads 2026 Frost Radar for Cloud Runtime Security CrowdStrike Expands Identity Leadership with OpenID and IDPro CrowdStrike 2026 Report: China Fuels Attacks on Tech June 2026 Patch Tuesday: Updates and Analysis | CrowdStrike CrowdStrike and Zscaler Bring Continuous Identity Security to Zero Trust Access 3 Principles to Safely Scale Agentic AI | CrowdStrike ISO 42001:2023 and the New Reality of Cloud AI Data Risk How to Stop AI-Driven Data Loss | CrowdStrike CrowdStrike and NVIDIA Bring Enterprise-Grade Security to AI Factory CrowdStrike and NVIDIA Collaboration Scales AI-Native Agents Secure Shadow AI at the Control Plane with Falcon for IT CrowdStrike Named Leader in 2026 Gartner Magic Quadrant for Endpoint Protection Shadow AI: The Hidden Risk Expanding Across the Enterprise CrowdStrike Named a Leader in Identity Threat Detection and Response Inside CrowdStrike’s Takedown of a Developer-Targeting Botnet Measuring AI-Enabled Success: 3 Trackable KPIs New Claude Integration Brings Audit Data to Falcon Platform How to Protect Identities and Sessions from Infostealers Now Live: CrowdStrike 2026 Financial Services Threat Landscape Report Falcon AIDR Detects Threats at Prompt Layer in Kubernetes AI Apps May 2026 Patch Tuesday: Updates and Analysis | CrowdStrike AI Threat Detection with Automated Leads | CrowdStrike CrowdStrike Named a Leader in Gartner Magic Quadrant for Cyberthreat Intelligence CrowdStrike Launches Falcon OverWatch for Defender CrowdStrike Technical Risk Assessments Reveal Common Exposure Patterns Tune In: The Future of AI-Powered Vulnerability Discovery Defending Against CORDIAL SPIDER and SNARKY SPIDER CrowdStrike Expands ChatGPT Enterprise Integration CrowdStrike Named a Leader in 2026 Frost & Sullivan Radar for CNAPP CrowdStrike Falcon Cloud Security Delivers 264% ROI CrowdStrike Falcon Platform Achieves 441% ROI in Three Years CrowdStrike Introduces Shadow AI Visibility Service How Defenders Must Respond to Frontier AI | CrowdStrike Frontier AI for Defenders: CrowdStrike and OpenAI TAC April 2026 Patch Tuesday: Updates and Analysis | CrowdStrike How CrowdStrike Accelerates Exposure Evaluation Against Threats | Blog STARDUST CHOLLIMA Likely Compromises Axios npm Package Falcon for IT Supports Windows Secure Boot Certificate Lifecycle Management Detecting CVE-2026-20929: Kerberos Relay Attack via DNS CNAME Abuse How Charlotte AI Agentworks Fuels Security's Agentic Ecosystem CrowdStrike Flex for Services Expands Access to Elite Security Expertise Falcon Data Security Secures Data Wherever It Lives and Moves CrowdStrike Advances CNAPP with Adversary-Informed Risk Prioritization CrowdStrike Services and Agentic MDR Put Agentic SOC in Reach
CrowdStrike Expands Real-Time CDR to Google Cloud
Karishma Ast · 2026-04-22 · via Blog

Complexity has become a defining security challenge as organizations expand across hybrid and multi-cloud environments. In fact, 52% of surveyed organizations ranked multi/hybrid cloud complexity among their top three infrastructure concerns.1 This complexity creates fragmented visibility across cloud providers, workloads, and Kubernetes environments — gaps that adversaries increasingly exploit to move undetected.

Cloud-conscious intrusions rose 37% year-over-year in 2025, the CrowdStrike 2026 Global Threat Report found. Emerging eCrime adversaries are advancing their tactics to abuse trusted relationships and compromise downstream victims. Adversaries are also accelerating — the fastest observed eCrime breakout time was just 27 seconds — leaving little room for delayed detection and response.

Yet with the tooling available today, this remains difficult in practice. Three key gaps persist:

  • Fragmented runtime visibility: Limited or siloed visibility across multi-cloud environments slows investigation and obscures attacker activity.
  • Delayed detection and response: Reliance on log post-processing introduces lag, giving adversaries time to move laterally and establish persistence.
  • Kubernetes control plane blind spots: Limited visibility into the Kubernetes API layer allows attackers to abuse legitimate actions to escalate privileges and modify configurations without triggering traditional defenses.

Closing these gaps requires a cloud-native application protection platform (CNAPP) approach that extends beyond posture management to deliver real-time, unified detection and response across cloud environments.

Today, we’re introducing expanded real-time cloud detection and response (CDR) support for Google Cloud, along with new Kubernetes threat detections for Google Kubernetes Engine (GKE). These innovations are designed to close critical visibility gaps and enable faster detection and response to modern cloud threats.

We’re also extending the CrowdStrike Falcon® platform to regional Google Cloud infrastructure, enabling organizations to adopt and consolidate on the industry’s leading AI-native cybersecurity platform using the underlying cloud provider that best aligns to their operational and data sovereignty requirements. 

With these new innovations, CrowdStrike continues to advance its mission of helping organizations stop cloud breaches across hybrid and multi-cloud environments.

Real-Time CDR for Google Cloud: Expanding Detection and Response Across Multi-Cloud Environments

CrowdStrike Falcon® Cloud Security now extends real-time CDR to Google Cloud, in addition to support for AWS, delivering unified, real-time detection and response across multi-cloud environments. By bringing Google Cloud activity into a single detection pipeline, security teams gain visibility into attacker behavior across their multi-cloud attack surface and eliminate the gaps of fragmented visibility that adversaries leverage.

Many approaches to processing agentless cloud telemetry introduce delays in detection. Falcon Cloud Security analyzes Google Cloud activity as it happens and instantly applies detections. This enables SOC teams to identify malicious cloud activity in seconds and interrupt attacker activity before it can progress, reducing dwell time and limiting potential blast radius. 

CrowdStrike powers CDR with the breadth of the broader Falcon platform, in which teams can correlate cloud telemetry with sensor activity and threat intelligence, and accelerate with CrowdStrike® Charlotte AI™ for deeper threat hunting and faster investigations.

With multi-cloud support, CrowdStrike continues to lead as the only CNAPP delivering real-time, cross-cloud detection and response designed to stop breaches.

Watch it in action in this demo:

This new capability is in beta and will be generally available in the coming months.

Kubernetes Threat Detection: Exposing Attacker Activity in the Control Plane

As organizations increasingly rely on Kubernetes to run mission-critical and AI-driven applications, visibility into the control plane has become essential to stopping modern attacks. Without it, adversaries can operate through legitimate orchestration workflows and bypass traditional runtime defenses to remain undetected.

Falcon Cloud Security now extends detection coverage into the Kubernetes control plane to provide visibility into attacker activity within the orchestration layer that manages and deploys workloads. While the Falcon sensor protects the runtime environment, Kubernetes threat detection enhances coverage by ingesting and monitoring Kubernetes audit logs to expose how adversaries exploit resources — such as service accounts or secrets — to gain access, escalate privileges, and maintain persistence beyond the workload.

Each detection is enriched with cloud, workload, and identity context and correlated across the Falcon platform so security teams can trace attacker activity across Kubernetes and the broader cloud environment. This allows teams to connect control plane actions with runtime behavior and identity activity, and gain a unified view of how attacks unfold across domains.

By extending detection into the control plane, Falcon Cloud Security provides comprehensive Kubernetes protection that helps organizations detect and stop attacks that would otherwise remain hidden.

This new capability is generally available.

CrowdStrike Expands Falcon Platform to Google Cloud

CrowdStrike is extending the Falcon platform to Google Cloud regional infrastructure, delivering the multi-cloud flexibility global organizations demand. Starting next quarter, organizations can consolidate their security stack on the unified Falcon platform without being tethered to a specific cloud provider or forced to manage fragmented security across diverse environments. 

Multi-cloud flexibility enables data to be processed, correlated, and acted on within regional environments to help meet strict operational and sovereignty requirements. This architecture anchors data residency within regional boundaries while maintaining unified global intelligence, helping companies stop breaches in a world where attacks do not respect borders.

Stop Breaches with Unified Cloud Coverage

These innovations in Falcon Cloud Security deliver unified detection and response across multi-cloud environments and every layer of the cloud stack. From real-time CDR for Google Cloud to deep visibility into the Kubernetes control plane, organizations gain the coverage needed to close blind spots and track attacker behavior end to end.

With added availability for Google Cloud regional infrastructure, organizations can achieve this level of protection while working to meet data residency and operational requirements without fragmenting their security stack.

Together, these capabilities enable security teams to detect threats earlier, accelerate investigations, and stop attacks before they escalate into breaches, making CrowdStrike the platform of choice for securing modern cloud environments.

Additional Resources

Forward-Looking Statements

This blog may include discussion of unreleased services or features. Any unreleased services or features referenced here are still in development and subject to change. Customers should make their purchase decisions based upon features that are currently available.

1 HashiCorp 2025 Cloud Complexity Report