CrowdStrike: How to enable CrowdStrike Cloud Security Posture Management for GCP Projects

Manish Sharma
3 min read · Nov 23, 2022

Overview

To enable CrowdStrike CSPM for any cloud, we must have a Falcon Horizon subscription purchased or already enabled.

Falcon Horizon is part of the CrowdStrike Cloud Security solution, which comprises:

  • Falcon Horizon
  • Container and Kubernetes Security
  • Cloud Workloads Discovery

About Falcon Horizon

  • Falcon Horizon gives visibility into your entire cloud infrastructure.
  • Falcon Horizon continuously monitors your cloud services for critical security issues, common errors and patterns of suspicious behaviour.
  • Compliance enforcement via Falcon Horizon policies helps us keep the cloud environment secure.
  • Avoid breaches and make sure that your cloud security configuration meets industry recommendations.
  • Use this to triage findings and find recommendations so you can close the gaps and keep your cloud data secure.

Register GCP Project with Falcon Horizon

The first step in using the CrowdStrike Cloud Security Posture Management (CSPM) platform is to register your GCP project with Falcon Horizon.

During registration, Falcon Horizon is granted limited read-only access to your cloud environment.

Prerequisites

Ensure the following GCP APIs are enabled in the GCP project before registering it:

  • cloudresourcemanager.googleapis.com
  • logging.googleapis.com
  • cloudasset.googleapis.com
  • compute.googleapis.com
  • sqladmin.googleapis.com
  • appengine.googleapis.com

Implementation

  • Log in to your GCP project console
  • Navigate to IAM and Admin > Service Accounts
  • Click Create Service Account
  • On the service account page, enter the service account name and description, then click Create and Continue
  • Add the Browser, Viewer and Cloud Asset Viewer roles to the service account and click Done
  • On the service accounts page, search for the newly created service account and click it to open its details
  • Click the KEYS tab
  • Click the ADD KEY dropdown and select Create new key
  • Ensure JSON is selected and click Create
  • This downloads the key for the newly created service account in JSON format, to be uploaded on the Falcon Cloud Accounts Registration page.
  • Upload the service account key file and click Submit
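
The result of these steps can be checked against the prerequisites and the three read-only roles. The Python below is an added example, not part of the original article or CrowdStrike's tooling; it assumes the IAM policy and enabled-API list were exported with gcloud, and the service account name and sample data are constructed.

```python
import json

# Role IDs for the Browser, Viewer and Cloud Asset Viewer roles named above.
EXPECTED_ROLES = {"roles/browser", "roles/viewer", "roles/cloudasset.viewer"}
# APIs listed under Prerequisites.
REQUIRED_APIS = {
    "cloudresourcemanager.googleapis.com", "logging.googleapis.com",
    "cloudasset.googleapis.com", "compute.googleapis.com",
    "sqladmin.googleapis.com", "appengine.googleapis.com",
}

def audit_registration(policy, enabled_apis, key_file):
    """Compare a project's state with the registration steps.

    policy:       parsed `gcloud projects get-iam-policy PROJECT_ID --format=json`
    enabled_apis: names from `gcloud services list --enabled --format="value(config.name)"`
    key_file:     parsed JSON key downloaded for the service account
    Only direct project-level bindings are inspected; roles inherited from
    a folder, the organization or a group membership are not visible here.
    """
    if key_file.get("type") != "service_account":
        raise ValueError("not a service account key file")
    member = "serviceAccount:" + key_file["client_email"]
    granted = {b["role"] for b in policy.get("bindings", [])
               if member in b.get("members", [])}
    return {
        "missing_roles": sorted(EXPECTED_ROLES - granted),
        "extra_roles": sorted(granted - EXPECTED_ROLES),  # more than read-only
        "missing_apis": sorted(REQUIRED_APIS - set(enabled_apis)),
    }

# Constructed sample data (hypothetical project and account, not real output).
SA = "falcon-cspm@example-project.iam.gserviceaccount.com"
SAMPLE_KEY = {"type": "service_account", "project_id": "example-project",
              "client_email": SA}
SAMPLE_POLICY = {"bindings": [
    {"role": "roles/browser", "members": ["serviceAccount:" + SA]},
    {"role": "roles/viewer",
     "members": ["serviceAccount:" + SA, "user:admin@example.com"]},
    {"role": "roles/editor", "members": ["serviceAccount:" + SA]},
]}
SAMPLE_APIS = sorted(REQUIRED_APIS - {"sqladmin.googleapis.com"})

if __name__ == "__main__":
    report = audit_registration(SAMPLE_POLICY, SAMPLE_APIS, SAMPLE_KEY)
    print(json.dumps(report, indent=2))
```

A non-empty `extra_roles` list means the account holds more than the read-only access the registration is meant to grant, and the downloaded key should be stored and rotated like any other long-lived credential.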

Post Implementation

Once you register the GCP project with Falcon Horizon for CSPM, wait a few minutes for Falcon Horizon to begin monitoring the project's cloud services; it will then create a dashboard based on the metadata it pulls.

Thanks for reading this article. Follow me if you really enjoyed reading this article.
