Reports
AI-generated structured vendor updates
CrowdStrike CNAPP Integrates Threat Intelligence for Risk Prioritization
CrowdStrike adds threat intelligence-based risk prioritization to CNAPP, correlating cloud risks with known adversary TTPs. Integrated with Falcon platform data, it enables security teams to prioritize vulnerabilities and misconfigurations linked to active threat actors.
CrowdStrike Launches On-Demand Security Expert Service Subscription
CrowdStrike extends its Falcon platform subscription model to professional services with Flex for Services. The offering provides on-demand access to elite security experts for threat hunting and incident response without long-term contracts. This moves product-level threat intelligence advantages to service delivery.
CrowdStrike Integrates Adversary-Informed Risk Prioritization into CNAPP
CrowdStrike has added industry-first adversary-informed risk prioritization to its Cloud Native Application Protection Platform (CNAPP), leveraging Threat Graph data to automate identification of high-risk security events and optimize SOC resource allocation.
CrowdStrike Reconstructs SOC Architecture with AI Agents
CrowdStrike's Agentic MDR service enables closed-loop detection-investigation-response via AI agents, transforming the human-driven SOC into an autonomous Agentic SOC architecture with a deployable technical blueprint.
CrowdStrike Falcon SIEM Integrates Third-Party EDR, First with Microsoft Defender
CrowdStrike extends Falcon Next-Gen SIEM to integrate third-party EDR tools, starting with Microsoft Defender for Endpoint. Customers can now ingest Defender telemetry into Falcon SIEM, breaking the traditional same-vendor SIEM-EDR requirement.
CrowdStrike Launches AI Agent Security and Shadow AI Governance Solutions
CrowdStrike launched Falcon for AI Security for runtime protection of AI agents, and Falcon Exposure Management for AI to govern shadow AI applications. The solutions cover endpoints, SaaS, and cloud environments, aiming for full lifecycle security of AI applications.
CrowdStrike Expands Falcon SIEM to Support Third-Party EDR Tools
CrowdStrike has added support for third-party EDR tools to its next-gen SIEM, Falcon, starting with Microsoft Defender. This enables cross-vendor security data integration, improving incident response efficiency and reducing deployment complexity for enterprises.
CrowdStrike Innovations for Securing AI Agents and Shadow AI
CrowdStrike introduces new capabilities to secure AI agents and govern shadow AI across endpoints, SaaS, and cloud. This innovation extends unified security controls to address unauthorized AI usage threats, enhancing enterprise AI security architecture.
CrowdStrike Discloses Tycoon2FA Phishing-as-a-Service Platform Remains Active
CrowdStrike's threat intelligence team reveals that the Tycoon2FA Phishing-as-a-Service platform uses a reverse proxy architecture to intercept user sessions in real time, bypassing two-factor authentication. The service operates on a subscription model offering customized phishing pages and automated tools, and is linked to multiple attack campaigns.
CrowdStrike Discloses GitHub Actions Supply Chain Attack
CrowdStrike's threat intelligence team exposed a supply chain attack on Trivy's GitHub Action, where hijacked accounts injected malware to steal credentials. The incident highlights critical risks in CI/CD third-party dependencies, urging enhanced security reviews and runtime monitoring of Actions.
CrowdStrike and NVIDIA Integrate AI Agent Security Solution
CrowdStrike integrates Falcon AIDR with NVIDIA NeMo Guardrails to provide end-to-end protection for custom AI agents, from policy setting to runtime monitoring. The solution addresses core risks like prompt injection and data leakage through closed-loop security control.
CrowdStrike Integrates XIoT Security Module into Government Platform
CrowdStrike adds an XIoT security module to its Falcon Platform for Government, providing integrated visibility and threat detection for OT, IoT, and IIoT assets. The solution uses lightweight sensor technology without requiring additional agents, reducing security complexity for critical infrastructure.
CrowdStrike Launches Cloud-Native Containerized Platform Falcon Raptor for Critical Infrastructure Protection
CrowdStrike launched Falcon Raptor, a cloud-native containerized platform designed for air-gapped and critical systems, integrating next-gen AV, vulnerability management, and threat hunting. It supports offline updates via USB and is paired with a government-focused Falcon Nation Suite.
CrowdStrike Deeply Integrates Generative AI into Security Operations Workflow
CrowdStrike's Charlotte AI platform enables natural language interaction for threat investigation, automated incident response, and security posture analysis. It generates remediation playbooks automatically, reducing operational complexity and improving SOC team efficiency, representing a shift towards intelligent security assistants.
CrowdStrike Enhances macOS Sensor Network Visibility
CrowdStrike added network connection monitoring to its Falcon macOS sensor, capturing source/destination IPs, ports, and process correlations. This delivers Windows/Linux-level EDR visibility for threat detection against fileless attacks and lateral movement. The update aligns with a unified cross-platform security strategy for hybrid Apple device protection.
CrowdStrike Extends XIoT Security to Healthcare with Vertical Focus
CrowdStrike tailored its Falcon for XIoT solution for healthcare environments, using a single lightweight agent for device discovery, vulnerability prioritization and behavior-based threat detection. The solution features non-disruptive deployment to avoid impacting critical medical equipment.
CrowdStrike Unifies SIEM and XDR Data Layers Through Single Agent Architecture
CrowdStrike integrates native log collection into Falcon Next-Gen SIEM, leveraging existing Falcon sensors to capture security logs from endpoints, workloads and cloud environments. This eliminates the need for separate log forwarders, reducing data onboarding from weeks to seconds while cutting operational overhead and attack surface.
CrowdStrike Launches Phishing-Resistant MFA for Identity Platform
CrowdStrike introduces FalconID with FIDO2/WebAuthn standards for phishing-resistant MFA, integrated with the Falcon platform for contextual risk analysis. This represents a strategic expansion from endpoint to identity protection.
CrowdStrike Analyzes Evolution of Typosquatting Attack Techniques
CrowdStrike's threat intelligence team published a report detailing how threat actors are refining typosquatting techniques using homoglyphs and complex subdomain strategies to evade detection. These attacks are commonly used for initial access by mimicking legitimate sites to lure users into downloading malware.
CrowdStrike Falcon Data Protection Unified Solution: Stopping GenAI Data Leaks
CrowdStrike launches the Falcon Data Protection unified solution with four key innovations: GenAI data protection, unified detection, AI-powered classification, and an insider threat dashboard. The solution covers browsers, local apps, Shadow AI services, and cloud data flows with 10x detection breadth. It includes a partnership with Intel for AI-powered precision classification at the device layer. The average insider threat costs organizations $17.4M.