Complexity has become a defining security challenge as organizations expand across hybrid and multi-cloud environments. In fact, 52% of surveyed organizations ranked multi/hybrid cloud complexity among their top three infrastructure concerns.¹ This complexity creates fragmented visibility across cloud providers, workloads, and Kubernetes environments — gaps that adversaries increasingly exploit to move undetected.

Cloud-conscious intrusions rose 37% year-over-year in 2025, the CrowdStrike 2026 Global Threat Report found. Emerging eCrime adversaries are advancing their tactics to abuse trusted relationships and compromise downstream victims. Adversaries are also accelerating — the fastest observed eCrime breakout time was just 27 seconds — leaving little room for delayed detection and response.

Yet with the tooling available today, this remains difficult in practice. Three key gaps persist:

• Fragmented runtime visibility: Limited or siloed visibility across multi-cloud environments slows investigation and obscures attacker activity.
• Delayed detection and response: Reliance on log post-processing introduces lag, giving adversaries time to move laterally and establish persistence.
• Kubernetes control plane blind spots: Limited visibility into the Kubernetes API layer allows attackers to abuse legitimate actions to escalate privileges and modify configurations without triggering traditional defenses.

Closing these gaps requires a cloud-native application protection platform (CNAPP) approach that extends beyond posture management to deliver real-time, unified detection and response across cloud environments.

Today, we’re introducing expanded real-time cloud detection and response (CDR) support for Google Cloud, along with new Kubernetes threat detections for Google Kubernetes Engine (GKE). These innovations are designed to close critical visibility gaps and enable faster detection and response to modern cloud threats.

We’re also extending the CrowdStrike Falcon® platform to regional Google Cloud infrastructure, enabling organizations to adopt and consolidate on the industry’s leading AI-native cybersecurity platform using the underlying cloud provider that best aligns to their operational and data sovereignty requirements. 

With these new innovations, CrowdStrike continues to advance its mission of helping organizations stop cloud breaches across hybrid and multi-cloud environments.

Real-Time CDR for Google Cloud: Expanding Detection and Response Across Multi-Cloud Environments

CrowdStrike Falcon® Cloud Security now extends real-time CDR to Google Cloud, in addition to support for AWS, delivering unified, real-time detection and response across multi-cloud environments. By bringing Google Cloud activity into a single detection pipeline, security teams gain visibility into attacker behavior across their multi-cloud attack surface and eliminate the gaps of fragmented visibility that adversaries leverage.

Many approaches to processing agentless cloud telemetry introduce delays in detection. Falcon Cloud Security analyzes Google Cloud activity as it happens and instantly applies detections. This enables SOC teams to identify malicious cloud activity in seconds and interrupt attacker activity before it can progress, reducing dwell time and limiting potential blast radius. 

CrowdStrike powers CDR with the breadth of the broader Falcon platform, in which teams can correlate cloud telemetry with sensor activity and threat intelligence, and accelerate with CrowdStrike® Charlotte AI™ for deeper threat hunting and faster investigations.

With multi-cloud support, CrowdStrike continues to lead as the only CNAPP delivering real-time, cross-cloud detection and response designed to stop breaches.

Watch it in action in this demo:

This new capability is in beta and will be generally available in the coming months.

Kubernetes Threat Detection: Exposing Attacker Activity in the Control Plane

As organizations increasingly rely on Kubernetes to run mission-critical and AI-driven applications, visibility into the control plane has become essential to stopping modern attacks. Without it, adversaries can operate through legitimate orchestration workflows and bypass traditional runtime defenses to remain undetected.

Falcon Cloud Security now extends detection coverage into the Kubernetes control plane to provide visibility into attacker activity within the orchestration layer that manages and deploys workloads. While the Falcon sensor protects the runtime environment, Kubernetes threat detection enhances coverage by ingesting and monitoring Kubernetes audit logs to expose how adversaries exploit resources — such as service accounts or secrets — to gain access, escalate privileges, and maintain persistence beyond the workload.

Each detection is enriched with cloud, workload, and identity context and correlated across the Falcon platform so security teams can trace attacker activity across Kubernetes and the broader cloud environment. This allows teams to connect control plane actions with runtime behavior and identity activity, and gain a unified view of how attacks unfold across domains.

By extending detection into the control plane, Falcon Cloud Security provides comprehensive Kubernetes protection that helps organizations detect and stop attacks that would otherwise remain hidden.

The post CrowdStrike Expands Real-Time Cloud Detection and Response to Google Cloud appeared first on MASSIVE News.

Tune in as host Alexander Romero, Senior Director of Cross-Cloud Services at VMware, is joined by Justin Murray, Technical Marketing Architect plus another executive from VMware’s Cloud Infrastructure Business Group. They will review and discuss new partnerships in the new VMware Private AI ecosystem.

If you are attending VMware Explore Barcelona, please look for the Cross-Cloud Services team at:

• Specific CCS Breakouts – The Most Comprehensive Demo of VMware Multi-Cloud Products in One Place; Top 5 Customer Multi-Cloud Challenges with Key Insights from VMware and Deloitte (Full list available here.)
• Expo Floor Theater presentations on Solving the Multi-Cloud Problem (VBT2626BCN).
• Meet the Experts RoundTable (CCSM2310BCN)
• The Cross-Cloud Café – Just across from the VMware Demo Stand, you can enjoy a free barista-made espresso and meet 1-on-1 with a VMware solution specialist.

Follow this event on LinkedIn to receive notifications!

Miss an episode? Check out our blog site for episode details and recording links: https://crosscloud.vmware.com/multi-cloud-expedition

The post The Multi-Cloud Expedition Episode 12: Live from VMware Explore Barcelona 2023 – More about VMware Private AI appeared first on MASSIVE News.

At VMware Explore Las Vegas,  VMware President, Summit Dhawan introduced 5 new, major innovations that strengthen VMware’s Cloud and Edge Infrastructure offering, part of VMware Cross-Cloud services.  VMware Cross-Cloud services give you standardized ways to build, operate, access, and secure your applications on any cloud. 

VMware Cloud Foundation (VCF), the heart of VMware’s Cloud and Edge infrastructure offering, delivers a complete, virtualized cloud stack that includes compute (VMware vSphere), storage (VMware vSAN), networking (VMware NSX) and management (VMware Aria) capabilities.  VMware Cloud, built on VCF, runs on every cloud that matters to your business including private cloud, public cloud, partner cloud, and edge cloud. 

The five major announcements that Summit addressed are recapped for you below:

Introducing VMware VSAN MAX

Continuing VMware’s commitment to support customers’ most critical workloads with flexibility, performance, and efficiency, VMware introduced vSAN MAX.  vSAN MAX delivers a new, optional disaggregated storage deployment model built on vSAN Express Storage Architecture and leveraging VSAN’s proven and highly efficient storage model.  This new offering supports the needs of organizations with data intensive applications (such as emerging AI/ML apps) that need to be able to scale storage independent of compute considerations. 

Watch here: https://youtu.be/J2gA_R-lJRs?si=LByPOwKl7L5eX29m&t=35

VMware Cloud Foundation Enhancements

Major announcement number two focused on new capabilities in VCF that allow cloud administrators to seamlessly upgrade to the latest version of VCF.  The new upgrade model makes is significantly easier to upgrade the entire virtual cloud infrastructure stack with upgrades being achieved at a speed that is three times faster than previous version upgrades.  This new upgrade capability greatly simplifies the lives of cloud administrators who are responsible for making sure that their end users always have access to the latest and most innovative infrastructure offerings that support the building and running of applications on any cloud.

Watch here: https://youtu.be/J2gA_R-lJRs?si=LByPOwKl7L5eX29m&t=63

Introducing VMware NSX+

As part of VMware’s commitment of simplifying multi-cloud use, VMware introduced VMware NSX+, a new multi-cloud service offering.  NSX+ is a cloud-delivered networking, security, and advanced load balancing as-a-service offering for NSX that allows networking, security, and operations teams to consume and operate NSX services from a single cloud console across private, hybrid, and public clouds. NSX+ enables consistent policy management, unified visibility, network detection and response, advanced load balancing, and simplified cloud operations, helping organizations accelerate multi-cloud deployments at scale.

Watch here: https://youtu.be/J2gA_R-lJRs?si=LByPOwKl7L5eX29m&t=114

Introducing Virtual Private Cloud networking (delivered as part of NSX+)

Announcement number four focused on how cloud administrators can now quickly and easily deliver to their developers and other end-users, virtual private clouds.  This new capability allows cloud administrators to deliver an environment that provides full isolation of networking, security, and other services to multiple tenants on a shared VMware Cloud infrastructure managed by a single global NSX interface.  Cloud administrators can also maintain supervisory control and set operational guardrails on a per VPC basis; helping to ensure that changes made in one VPC environment have no impact on other cloud tenants.

Watch here: https://youtu.be/J2gA_R-lJRs?si=LByPOwKl7L5eX29m&t=160

Enhancements To VMware Ransomware Recovery solution

VMware Ransomware Recovery is an award-winning VMware Cloud service designed to help organizations recover from fileless attacks using behavioral analysis of powered-on VMs in cloud-based isolated recovery environments (IREs).  Announcement number five addressed enhancements to this offering.  Specifically, VMware announced the availability of capabilities that support simultaneous multi-VM recovery operations.  This same solution will also deliver by end of the fiscal quarter, new capabilities that enable customers to run production workloads in the cloud until forensics are completed and the on-premises datacenter is fortified.

Watch here: https://youtu.be/J2gA_R-lJRs?si=LByPOwKl7L5eX29m&t=185

Missed Las Vegas?

VMware Explore will continue beyond Vegas with upcoming events scheduled for Europe and Asia.  Check VMware.com for locations and registration information.  You can also view much of the content from VMware Explore Las Vegas in the Explore Video Library.

The post Multi-Cloud Infrastructure: Five New Innovations appeared first on MASSIVE News.