Reports
AI-generated structured vendor updates
CrowdStrike Discloses New Detection Method for Kerberos Relay Attacks
CrowdStrike disclosed a novel detection technique for Kerberos authentication relay attacks that abuse DNS CNAME records. The research exposes potential security blind spots in Active Directory infrastructure and provides behavior-based detection solutions.
Intel and CrowdStrike Deepen AI PC Security Integration for Enhanced Endpoint Threat Detection
Intel and CrowdStrike expanded their collaboration to deeply integrate the Falcon platform with Intel AI PC hardware, leveraging CPU/GPU/NPU on-device AI acceleration and chip-level telemetry. The solution aims to enable real-time threat detection and intrusion prevention without performance loss, addressing generative AI data leakage risks at enterprise scale.
CrowdStrike Advances AI Agent Ecosystem for Security Automation
CrowdStrike introduces Charlotte AI AgentWorks to build an AI agent ecosystem that automates security operations. The platform enables agent collaboration for threat detection and response, improving efficiency and reducing manual effort.
CrowdStrike Launches AI Agent Autonomous Execution Platform AgentWorks
CrowdStrike upgrades Charlotte AI from a chatbot to an autonomous agent platform. Users can create, orchestrate and deploy AI agents via natural language for security automation. This shifts security operations from a manual to an agent-driven model.
CrowdStrike Extends Falcon Platform with Data Security Features
CrowdStrike has enhanced its Falcon platform with data security capabilities to secure data at rest and in transit, offering unified protection across all environments regardless of location or movement.
CrowdStrike Reconstructs SOC Architecture with AI Agents
CrowdStrike's Agentic MDR service enables closed-loop detection, investigation and response via AI agents, transforming the human-driven SOC into an autonomous Agentic SOC architecture with a deployable technical blueprint.
CrowdStrike Integrates Adversary-Informed Risk Prioritization into CNAPP
CrowdStrike has added industry-first adversary-informed risk prioritization to its Cloud Native Application Protection Platform (CNAPP), leveraging Threat Graph data to automate identification of high-risk security events and optimize SOC resource allocation.
CrowdStrike Launches On-Demand Security Expert Service Subscription
CrowdStrike extends its Falcon platform subscription model to professional services with Flex for Services. The offering provides on-demand access to elite security experts for threat hunting and incident response without long-term contracts. This moves product-level threat intelligence advantages to service delivery.
CrowdStrike CNAPP Integrates Threat Intelligence for Risk Prioritization
CrowdStrike adds threat intelligence-based risk prioritization to CNAPP, correlating cloud risks with known adversary TTPs. Integrated with Falcon platform data, it enables security teams to prioritize vulnerabilities and misconfigurations linked to active threat actors.
CrowdStrike Launches Agentic MDR Service Powered by AI Agents
CrowdStrike introduces an Agentic MDR service that automates security operations through AI agents. The service integrates the Falcon platform, Charlotte AI and professional teams for end-to-end automated operations from investigation to remediation.
CrowdStrike Extends Platform to Data Security Layer for Unified Protection
CrowdStrike adds a Data Security module to the Falcon platform, offering data discovery, classification, and real-time protection for endpoints, cloud, and SaaS. It integrates data security posture management with existing EDR via a unified console to prevent data exfiltration.
NVIDIA Launches OpenShell, Establishing Runtime Sandbox for Secure Autonomous AI Agents
NVIDIA introduces OpenShell, an open-source project designed as a secure-by-design runtime for autonomous AI agents. It employs a "browser tab" model, isolating agent operations from policy enforcement at the system level to prevent policy overrides and data leaks. NVIDIA is collaborating with key security vendors to establish a unified policy layer for enterprise AI agents.
NVIDIA Launches OpenShell Open-Source Runtime for AI Agent Security Isolation
NVIDIA introduces the OpenShell open-source runtime, which provides system-level sandbox isolation for autonomous AI agents and separates application operations from infrastructure policy enforcement. It partners with Cisco and Google Cloud to establish unified runtime policy management, and releases the NemoClaw reference stack for simplified deployment.
CrowdStrike Innovations for Securing AI Agents and Shadow AI
CrowdStrike introduces new capabilities to secure AI agents and govern shadow AI across endpoints, SaaS, and cloud. This innovation extends unified security controls to address unauthorized AI usage threats, enhancing enterprise AI security architecture.
CrowdStrike Expands Falcon SIEM to Support Third-Party EDR Tools
CrowdStrike has added support for third-party EDR tools to its next-gen SIEM, Falcon, starting with Microsoft Defender. This enables cross-vendor security data integration, improving incident response efficiency and reducing deployment complexity for enterprises.
CrowdStrike Launches AI Agent Security and Shadow AI Governance Solutions
CrowdStrike launched Falcon for AI Security for runtime protection of AI agents, and Falcon Exposure Management for AI to govern shadow AI applications. The solutions cover endpoints, SaaS, and cloud environments, aiming for full lifecycle security of AI applications.
CrowdStrike Falcon SIEM Integrates Third-Party EDR, First with Microsoft Defender
CrowdStrike extends Falcon Next-Gen SIEM to integrate third-party EDR tools, starting with Microsoft Defender for Endpoint. Customers can now ingest Defender telemetry into Falcon SIEM, breaking the traditional same-vendor SIEM-EDR requirement.
CrowdStrike Discloses GitHub Actions Supply Chain Attack
CrowdStrike's threat intelligence team exposed a supply chain attack on Trivy's GitHub Action, where hijacked accounts injected malware to steal credentials. The incident highlights critical risks in CI/CD third-party dependencies, urging enhanced security reviews and runtime monitoring of Actions.
CrowdStrike Discloses Tycoon2FA Phishing-as-a-Service Platform Remains Active
CrowdStrike's threat intelligence team reveals that the Tycoon2FA Phishing-as-a-Service platform uses a reverse proxy architecture to intercept user sessions in real time, bypassing two-factor authentication. The service operates on a subscription model offering customized phishing pages and automated tools, and is linked to multiple attack campaigns.
CrowdStrike and NVIDIA Integrate AI Agent Security Solution
CrowdStrike integrates Falcon AIDR with NVIDIA NeMo Guardrails to provide end-to-end protection for custom AI agents, from policy setting to runtime monitoring. The solution addresses core risks like prompt injection and data leakage through closed-loop security control.