CrowdStrike
- FedRAMP advisory services
- Amazon Web Services (AWS) GovCloud leverage
Project Information
Quzara provides strategic security consulting services to federal and commercial customers. In addition to managed security services, our AWS certified team offers cyber engineering and compliance documentation.
We offer advanced monitoring, detection, and response capabilities through our managed security platform, Cybertorch™. In addition to AWS security, Quzara's vendor-agnostic team manages automation, compliance, and security architectures to support critical missions for government and commercial customers.
Challenges
- CrowdStrike is the leader in cloud-delivered endpoint protection. Leveraging artificial intelligence (AI), the CrowdStrike Falcon® platform offers instant visibility and protection across the enterprise and prevents attacks on endpoints on or off the network. When CrowdStrike needed to expand their product to the U.S. Government, they contracted with the Quzara federal team. Quzara assisted CrowdStrike with their FedRAMP Authority to Operate (ATO) efforts.
- Quzara worked with CrowdStrike’s engineering and compliance teams to design security controls to meet stringent FedRAMP requirements. These requirements are based on the National Institute of Standards and Technology (NIST) security publication (SP) 800-53 and tailored for cloud computing.
- Quzara built requirements that leveraged the GovCloud offering from AWS in conjunction with CrowdStrike to meet these requirements. In addition to implementing controls at the application and infrastructure layers, Quzara's compliance engineers empowered CrowdStrike by maximizing their investment with our inherited controls across Amazon Web Services.
Why Amazon Web Services
Based on the challenges outlined above, Quzara advised CrowdStrike to run their platform on Amazon Web Services (AWS) GovCloud, in large part due to the cloud service provider's (CSP's) track record of performance and security innovation.
In the United States, Amazon Web Services GovCloud (US) enables federal agencies to comply with US International Traffic in Arms Regulations (ITAR), Federal Risk and Authorization Management Program (FedRAMP) requirements, and Department of Defense (DoD) Cloud Computing Security Requirements Guide (CC SRG) Levels two (2) and four (4).
Using AWS GovCloud enabled CrowdStrike to protect sensitive unclassified data files with server-side encryption in Amazon S3; store and manage security keys with AWS Key Management Service (KMS); and limit access to sensitive data by individual, time, and location. It also allowed CrowdStrike to restrict which API calls users can make with identity federation, enable easy key rotation, and utilize other powerful access control testing tools that are available on AWS.
Quzara's security and compliance expertise helped CrowdStrike prioritize the implementation of controls and create a government-focused cloud offering. Our success was largely due to leveraging AWS GovCloud controls and services. We are pleased to announce that CrowdStrike has succeeded in obtaining FedRAMP Authority to Operate (ATO).
"While such a project typically takes years to complete, our expertise in security and compliance allowed us to complete the project in just months."