惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

MyScale Blog
MyScale Blog
Microsoft Azure Blog
Microsoft Azure Blog
H
Help Net Security
N
News and Events Feed by Topic
Recent Announcements
Recent Announcements
D
Docker
M
MIT News - Artificial intelligence
L
LangChain Blog
I
InfoQ
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
P
Proofpoint News Feed
博客园_首页
MongoDB | Blog
MongoDB | Blog
美团技术团队
S
Schneier on Security
G
GRAHAM CLULEY
月光博客
月光博客
有赞技术团队
有赞技术团队
Vercel News
Vercel News
Scott Helme
Scott Helme
P
Privacy International News Feed
Last Week in AI
Last Week in AI
Recorded Future
Recorded Future
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
The Cloudflare Blog
Attack and Defense Labs
Attack and Defense Labs
Google Online Security Blog
Google Online Security Blog
Simon Willison's Weblog
Simon Willison's Weblog
量子位
S
Security @ Cisco Blogs
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
V
Visual Studio Blog
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
NISL@THU
NISL@THU
N
Netflix TechBlog - Medium
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
Recent Commits to openclaw:main
Recent Commits to openclaw:main
Spread Privacy
Spread Privacy
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
小众软件
小众软件
罗磊的独立博客
Security Archives - TechRepublic
Security Archives - TechRepublic
T
Threatpost
L
Lohrmann on Cybersecurity
www.infosecurity-magazine.com
www.infosecurity-magazine.com
S
Security Affairs
Cloudbric
Cloudbric
爱范儿
爱范儿
H
Heimdal Security Blog
PCI Perspectives
PCI Perspectives

Blog

CrowdStrike CrowdStrike CrowdStrike CrowdStrike CrowdStrike CrowdStrike CrowdStrike CrowdStrike CrowdStrike CrowdStrike CrowdStrike CrowdStrike CrowdStrike CrowdStrike CrowdStrike Why AI Projects Stall and How CIOs Can Respond | CrowdStrike CrowdStrike Leads 2026 Frost Radar for Cloud Runtime Security CrowdStrike Expands Identity Leadership with OpenID and IDPro CrowdStrike 2026 Report: China Fuels Attacks on Tech June 2026 Patch Tuesday: Updates and Analysis | CrowdStrike CrowdStrike and Zscaler Bring Continuous Identity Security to Zero Trust Access 3 Principles to Safely Scale Agentic AI | CrowdStrike ISO 42001:2023 and the New Reality of Cloud AI Data Risk How to Stop AI-Driven Data Loss | CrowdStrike CrowdStrike and NVIDIA Bring Enterprise-Grade Security to AI Factory CrowdStrike and NVIDIA Collaboration Scales AI-Native Agents Secure Shadow AI at the Control Plane with Falcon for IT CrowdStrike Named Leader in 2026 Gartner Magic Quadrant for Endpoint Protection Shadow AI: The Hidden Risk Expanding Across the Enterprise CrowdStrike Named a Leader in Identity Threat Detection and Response Inside CrowdStrike’s Takedown of a Developer-Targeting Botnet Measuring AI-Enabled Success: 3 Trackable KPIs New Claude Integration Brings Audit Data to Falcon Platform How to Protect Identities and Sessions from Infostealers Now Live: CrowdStrike 2026 Financial Services Threat Landscape Report Falcon AIDR Detects Threats at Prompt Layer in Kubernetes AI Apps May 2026 Patch Tuesday: Updates and Analysis | CrowdStrike AI Threat Detection with Automated Leads | CrowdStrike CrowdStrike Named a Leader in Gartner Magic Quadrant for Cyberthreat Intelligence CrowdStrike Launches Falcon OverWatch for Defender CrowdStrike Technical Risk Assessments Reveal Common Exposure Patterns Tune In: The Future of AI-Powered Vulnerability Discovery Defending Against CORDIAL SPIDER and SNARKY SPIDER CrowdStrike Expands ChatGPT Enterprise Integration CrowdStrike Named a Leader in 2026 Frost & Sullivan Radar for CNAPP CrowdStrike Falcon Cloud Security Delivers 264% ROI CrowdStrike Falcon Platform Achieves 441% ROI in Three Years CrowdStrike Introduces Shadow AI Visibility Service How Defenders Must Respond to Frontier AI | CrowdStrike Frontier AI for Defenders: CrowdStrike and OpenAI TAC April 2026 Patch Tuesday: Updates and Analysis | CrowdStrike How CrowdStrike Accelerates Exposure Evaluation Against Threats | Blog STARDUST CHOLLIMA Likely Compromises Axios npm Package Falcon for IT Supports Windows Secure Boot Certificate Lifecycle Management Detecting CVE-2026-20929: Kerberos Relay Attack via DNS CNAME Abuse How Charlotte AI Agentworks Fuels Security's Agentic Ecosystem CrowdStrike Flex for Services Expands Access to Elite Security Expertise Falcon Data Security Secures Data Wherever It Lives and Moves CrowdStrike Advances CNAPP with Adversary-Informed Risk Prioritization CrowdStrike Services and Agentic MDR Put Agentic SOC in Reach
CrowdStrike Expands Real-Time CDR to Google Cloud
Karishma Ast · 2026-04-22 · via Blog

Complexity has become a defining security challenge as organizations expand across hybrid and multi-cloud environments. In fact, 52% of surveyed organizations ranked multi/hybrid cloud complexity among their top three infrastructure concerns.1 This complexity creates fragmented visibility across cloud providers, workloads, and Kubernetes environments — gaps that adversaries increasingly exploit to move undetected.

Cloud-conscious intrusions rose 37% year-over-year in 2025, the CrowdStrike 2026 Global Threat Report found. Emerging eCrime adversaries are advancing their tactics to abuse trusted relationships and compromise downstream victims. Adversaries are also accelerating — the fastest observed eCrime breakout time was just 27 seconds — leaving little room for delayed detection and response.

Yet with the tooling available today, this remains difficult in practice. Three key gaps persist:

  • Fragmented runtime visibility: Limited or siloed visibility across multi-cloud environments slows investigation and obscures attacker activity.
  • Delayed detection and response: Reliance on log post-processing introduces lag, giving adversaries time to move laterally and establish persistence.
  • Kubernetes control plane blind spots: Limited visibility into the Kubernetes API layer allows attackers to abuse legitimate actions to escalate privileges and modify configurations without triggering traditional defenses.

Closing these gaps requires a cloud-native application protection platform (CNAPP) approach that extends beyond posture management to deliver real-time, unified detection and response across cloud environments.

Today, we’re introducing expanded real-time cloud detection and response (CDR) support for Google Cloud, along with new Kubernetes threat detections for Google Kubernetes Engine (GKE). These innovations are designed to close critical visibility gaps and enable faster detection and response to modern cloud threats.

We’re also extending the CrowdStrike Falcon® platform to regional Google Cloud infrastructure, enabling organizations to adopt and consolidate on the industry’s leading AI-native cybersecurity platform using the underlying cloud provider that best aligns to their operational and data sovereignty requirements. 

With these new innovations, CrowdStrike continues to advance its mission of helping organizations stop cloud breaches across hybrid and multi-cloud environments.

Real-Time CDR for Google Cloud: Expanding Detection and Response Across Multi-Cloud Environments

CrowdStrike Falcon® Cloud Security now extends real-time CDR to Google Cloud, in addition to support for AWS, delivering unified, real-time detection and response across multi-cloud environments. By bringing Google Cloud activity into a single detection pipeline, security teams gain visibility into attacker behavior across their multi-cloud attack surface and eliminate the gaps of fragmented visibility that adversaries leverage.

Many approaches to processing agentless cloud telemetry introduce delays in detection. Falcon Cloud Security analyzes Google Cloud activity as it happens and instantly applies detections. This enables SOC teams to identify malicious cloud activity in seconds and interrupt attacker activity before it can progress, reducing dwell time and limiting potential blast radius. 

CrowdStrike powers CDR with the breadth of the broader Falcon platform, in which teams can correlate cloud telemetry with sensor activity and threat intelligence, and accelerate with CrowdStrike® Charlotte AI™ for deeper threat hunting and faster investigations.

With multi-cloud support, CrowdStrike continues to lead as the only CNAPP delivering real-time, cross-cloud detection and response designed to stop breaches.

Watch it in action in this demo:

This new capability is in beta and will be generally available in the coming months.

Kubernetes Threat Detection: Exposing Attacker Activity in the Control Plane

As organizations increasingly rely on Kubernetes to run mission-critical and AI-driven applications, visibility into the control plane has become essential to stopping modern attacks. Without it, adversaries can operate through legitimate orchestration workflows and bypass traditional runtime defenses to remain undetected.

Falcon Cloud Security now extends detection coverage into the Kubernetes control plane to provide visibility into attacker activity within the orchestration layer that manages and deploys workloads. While the Falcon sensor protects the runtime environment, Kubernetes threat detection enhances coverage by ingesting and monitoring Kubernetes audit logs to expose how adversaries exploit resources — such as service accounts or secrets — to gain access, escalate privileges, and maintain persistence beyond the workload.

Each detection is enriched with cloud, workload, and identity context and correlated across the Falcon platform so security teams can trace attacker activity across Kubernetes and the broader cloud environment. This allows teams to connect control plane actions with runtime behavior and identity activity, and gain a unified view of how attacks unfold across domains.

By extending detection into the control plane, Falcon Cloud Security provides comprehensive Kubernetes protection that helps organizations detect and stop attacks that would otherwise remain hidden.

This new capability is generally available.

CrowdStrike Expands Falcon Platform to Google Cloud

CrowdStrike is extending the Falcon platform to Google Cloud regional infrastructure, delivering the multi-cloud flexibility global organizations demand. Starting next quarter, organizations can consolidate their security stack on the unified Falcon platform without being tethered to a specific cloud provider or forced to manage fragmented security across diverse environments. 

Multi-cloud flexibility enables data to be processed, correlated, and acted on within regional environments to help meet strict operational and sovereignty requirements. This architecture anchors data residency within regional boundaries while maintaining unified global intelligence, helping companies stop breaches in a world where attacks do not respect borders.

Stop Breaches with Unified Cloud Coverage

These innovations in Falcon Cloud Security deliver unified detection and response across multi-cloud environments and every layer of the cloud stack. From real-time CDR for Google Cloud to deep visibility into the Kubernetes control plane, organizations gain the coverage needed to close blind spots and track attacker behavior end to end.

With added availability for Google Cloud regional infrastructure, organizations can achieve this level of protection while working to meet data residency and operational requirements without fragmenting their security stack.

Together, these capabilities enable security teams to detect threats earlier, accelerate investigations, and stop attacks before they escalate into breaches, making CrowdStrike the platform of choice for securing modern cloud environments.

Additional Resources

Forward-Looking Statements

This blog may include discussion of unreleased services or features. Any unreleased services or features referenced here are still in development and subject to change. Customers should make their purchase decisions based upon features that are currently available.

1 HashiCorp 2025 Cloud Complexity Report