CrowdStrike Holdings, Inc. announced on April 22, 2026, a significant expansion of its Falcon Cloud Security suite, introducing native Cloud Detection and Response (CDR) capabilities for Google Cloud Platform (GCP). The move is designed to provide organizations with unified visibility and real-time runtime protection across their Google Cloud environments, addressing the increasing speed and sophistication of cloud-based adversary activity.
The integration allows the CrowdStrike Falcon platform to monitor Google Cloud workloads, including Google Kubernetes Engine (GKE), Google Compute Engine, and Google Cloud Run. By extending its CDR capabilities to GCP, CrowdStrike enables security teams to detect and remediate threats within the runtime environment, rather than relying solely on static configuration checks. The service leverages the CrowdStrike Threat Graph, an AI-powered data engine that processes trillions of events daily to identify patterns of malicious behavior.
George Kurtz, co-founder and CEO of CrowdStrike, stated that the expansion is a response to the rapid adoption of multi-cloud strategies among enterprise customers. Kurtz noted that cloud-conscious adversaries are increasingly targeting cloud-native services, necessitating a shift from traditional perimeter defense to active runtime monitoring. According to official company documentation, the new GCP integration provides automated discovery of unmanaged workloads and offers agentless visibility alongside agent-based protection for deep forensic analysis.
A key component of this announcement is the extension of the Falcon platform to Google Cloud’s regional infrastructure. This allows customers to maintain data residency requirements while benefiting from CrowdStrike’s global threat intelligence. The expansion also includes enhanced support for Google Cloud’s Security Command Center (SCC), allowing for the synchronization of security alerts and findings between the two platforms. This interoperability is intended to reduce the mean time to respond (MTTR) by consolidating security telemetry into a single console.
The service is now available through the Google Cloud Marketplace, enabling customers to utilize their existing Google Cloud committed spend for CrowdStrike subscriptions. This financial arrangement simplifies the procurement process for enterprises looking to scale their security operations alongside their cloud footprint. CrowdStrike confirmed that the GCP-specific CDR features are immediately available to Falcon Cloud Security customers globally.
This development follows CrowdStrike’s previous expansions into Amazon Web Services (AWS) and Microsoft Azure, solidifying the company’s position in the multi-cloud security market. The company reported that cloud security remains one of its fastest-growing business segments, though specific revenue figures for the GCP integration were not disclosed in the initial announcement. The expansion reflects a broader industry trend toward consolidated security platforms that can manage hybrid and multi-cloud architectures from a centralized management plane.