Cloud Security - CrowdStrike Enhances CNAPP with New Features
Basically, CrowdStrike improved its cloud security tools to help businesses better understand and manage risks.
CrowdStrike has introduced new features to its CNAPP, focusing on adversary-informed risk prioritization. These enhancements are crucial as cloud breaches rise, helping organizations better manage their security risks. By integrating application visibility with infrastructure context, CrowdStrike aims to close critical security gaps and improve response times.
What Happened
CrowdStrike has made significant advancements in its Cloud Native Application Protection Platform (CNAPP) by introducing what it describes as industry-first capabilities focused on adversary-informed risk prioritization. The release responds to a continued rise in cloud breaches: according to the CrowdStrike 2026 Global Threat Report, cloud-related intrusions by state-nexus threat actors surged by 266% in 2025. These new features are designed to help security teams better understand and mitigate risks associated with their cloud environments.
The enhancements come in response to three critical gaps identified in current cloud security practices. First, existing solutions often focus solely on infrastructure without considering how business applications operate within that infrastructure. Second, risk assessments typically ignore adversary behavior, which can lead to misprioritization of threats. Finally, security teams face challenges in connecting risk detections to the configuration changes that caused them, leading to inefficient triage processes.
New CNAPP Innovations for Proactive Security
CrowdStrike's latest innovations aim to fill these gaps by providing a more comprehensive view of cloud risk. One of the standout features is Application Explorer, which integrates application-layer visibility with cloud infrastructure context. This tool allows security teams to see how business applications function across both cloud and on-premises environments, providing insights into dependencies and potential vulnerabilities.
With Application Explorer, organizations can now identify how infrastructure risks impact production applications. For example, if a storage resource is found to have overly permissive access, the tool can reveal which applications connect to that resource and whether they handle sensitive data. This capability is crucial for understanding the potential impact of vulnerabilities on mission-critical applications, such as payment processing systems.
How This Affects Your Cloud Security
The introduction of these features is particularly timely as organizations increasingly adopt cloud-native solutions. By aligning risk assessments with observed adversary behavior, CrowdStrike enables security teams to prioritize remediation efforts effectively. This approach allows organizations to focus on the most relevant threats, rather than wasting resources on theoretical risks that may not be applicable.
Furthermore, extending the risk assessment process to AI-driven applications is a significant advancement. CrowdStrike's tools can now discover applications running as machine learning models, identify dependencies on external large language models (LLMs), and map data access. This capability helps organizations detect unapproved AI usage and prevent sensitive data exposure, enhancing overall security posture.
What You Should Do
Organizations should consider adopting CrowdStrike's new CNAPP capabilities to enhance their cloud security strategies. By leveraging tools like Application Explorer, security teams can gain a clearer understanding of their risk landscape and make informed decisions about remediation efforts. It's essential to continuously monitor application behavior and cloud infrastructure to adapt to evolving threats.
In addition, businesses should ensure they are aware of the latest adversary tactics and adjust their security measures accordingly. By staying informed and proactive, organizations can better protect themselves against the rising tide of cloud breaches and maintain the integrity of their data and applications.
CrowdStrike Blog