CrowdStrike (NASDAQ: CRWD) today announced the expansion of its Cloud Detection and Response (CDR) capabilities to Google Cloud. As adversaries weaponise AI to infiltrate cloud environments and move laterally across systems faster than ever, CrowdStrike CDR detects and stops cloud attacks the moment they begin. CrowdStrike’s CDR accelerates the shift from fragmented, posture-only cloud security tools to unified, real-time protection across hybrid and multi-cloud environments.
CrowdStrike also extended the CrowdStrike Falcon® platform to regional Google Cloud infrastructure, enabling organisations to adopt and consolidate on its leading AI-native cybersecurity platform while aligning with operational and data sovereignty requirements.
“Every second counts when adversaries can move from access to exfiltration in minutes,” said Daniel Bernard, chief business officer at CrowdStrike. “CrowdStrike’s cloud security leadership is built on our ability to operate at runtime at scale. Extending CrowdStrike CDR to one of the world’s largest cloud platforms gives more organisations the speed and precision to stop cloud attacks the moment they begin.”
“Google Cloud is committed to an open security ecosystem, enabling greater choice and flexibility for our customers,” said Vineet Bhan, director of security and identity partnerships, Google Cloud. “By expanding our collaboration with CrowdStrike, customers have access to the best solutions for their unique needs.”
Stop Cloud Attacks in Seconds
As part of CrowdStrike Falcon® Cloud Security’s unified CNAPP, CrowdStrike CDR eliminates log batch processing used by traditional CDR, which often takes 15 minutes or more to surface a single detection. Powered by a real-time detection engine built on event streaming technology pioneered and battle-tested by the world’s top threat hunters, CrowdStrike analyses cloud activity as it happens. Combined with out-of-the-box real-time detections that leverage AI and machine learning to correlate active cloud adversary activity with cloud asset and identity context to expose advanced attacks, and automated response actions, CrowdStrike stops cloud breaches in seconds.
Multi-Cloud Data Sovereignty
Extending the Falcon platform to regional Google Cloud infrastructure delivers the multi-cloud flexibility global organisations demand, enabling data to be processed, correlated, and acted on within regional environments to comply with sovereignty requirements. By combining regional data residency with global protection, CrowdStrike stops breaches in a world where attacks do not respect borders.
“Cloud attacks are evolving rapidly, and stopping them requires real-time visibility and the ability to act instantly,” said Alexander Pabst, Deputy CISO at Allianz Group. “Combining CrowdStrike’s real-time, multi-cloud detection and response with Google Cloud’s global infrastructure is a critical step toward helping organisations keep pace with modern threats, while meeting the scale and data sovereignty requirements of global operations.”
For more information on the CrowdStrike-Google Cloud collaboration, visit CrowdStrike at Google Cloud Next ’26 booth #1211, or read our blog.
