Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

November 2022

Spotlight on the Log-Structured Merge (LSM) Tree: One of the Keys Enabling CrowdStrike to Process Trillions of Events per Day

In a previous post, our team shared our Three Best Practices for Building a High-Performance Graph Database. That was written two years ago, when CrowdStrike Threat Graph® was processing billions of events per day and storing a few petabytes of data. Fast forward to today: CrowdStrike Threat Graph now stores over 40 petabytes of data and handles trillions of events per day while routinely serving upward of 70 million requests per second.

CrowdStrike Announces Expanded Service Integrations at AWS re:Invent 2022

At AWS re:Invent 2022, CrowdStrike is announcing expanded service integrations with AWS to provide breach protection across your AWS environment, simplified infrastructure management and security consolidation. Visit us at Booth 109, Nov. 28-Dec. 2 in Las Vegas, to learn more about our comprehensive integrations with AWS.

Shifting Left with the Crowdstrike and AWS CI/CD Pipeline

CI/CD combines the practices of continuous integration (CI) and Continuous Delivery (CD) to allow DevOps teams to deliver code updates frequently, reliably, and quickly. CI/CD emphasizes automation throughout the development lifecycle (Buid, Test, Deploy). By replacing the manual efforts of traditional development, code releases can happen more frequently, and with less bugs and security vulnerabilities. At CrowdStrike, we focus on integrating security into the CI/CD pipeline. As part of the functionality of CrowdStrike’s Falcon Cloud Workload Protection (CWP), customers have the ability to create verified image policies to ensure that only approved images are allowed to progress through the CI/CD pipeline and run in their hosts or Kubernetes clusters.

Automating Threat Intelligence with CrowdStrike Falcon Intelligence: Executive Update

CEO and Co-founder George Kurtz explains how CrowdStrike is the first company to combine the protective capabilities of endpoint protection with the predictive capabilities of threat intelligence and why it is the key to stopping breaches.

CrowdStrike Cloud Infrastructure Entitlement Management (CIEM)

Identity theft and overly permissive accounts are major challenges faced by organizations in public and hybrid cloud environments. Learn how CrowdStrike Cloud Identity and Entitlement Management (CIEM) can increase the security of your cloud infrastructure while simplifying management across clouds.

CrowdStrike Cloud Infrastructure Entitlement Management (CIEM)

Identity theft and overly permissive accounts are major challenges faced by organizations in public and hybrid cloud environments. Learn how CrowdStrike Cloud Infrastructure Entitlement Management (CIEM) can increase the security of your cloud infrastructure while simplifying management across clouds.

Make Cloud Defense a Team Sport by Turning DevOps into a Force Multiplier

Enterprises are embracing cloud-native applications in the name of business agility. These applications enable developers to take advantage of the cloud’s scalability and flexibility, allow customers and developers to benefit from the increased velocity of DevOps processes and help businesses quickly react to customer needs and potentially lower their cost of deployment.

How CrowdStrike Detects Cloud Storage Misconfigurations to Protect Valuable Data

Cloud storage misconfigurations continue to become more prevalent and problematic for organizations as they expand their cloud infrastructure, driving the importance of technologies such as cloud security posture management (CSPM) as crucial tools for protectors everywhere. Consider the recently reported public exposure of data associated with some Microsoft customers and prospects.

Evicting Typosquatters: How CrowdStrike Protects Against Domain Impersonations

Threat actors constantly unleash phishing attacks that use emails or text messages containing domains or URLs, all designed to impersonate well-known companies and trick users into visiting fake websites and entering their logon or other confidential information. Unfortunately, many users fall prey to such attacks, unknowingly giving threat actors access to their work or personal accounts.

The Force Multiplier of Correlating Your Security Telemetry

Consider this situation: A man talks on the phone with a known bank robber. He then rents a building next to a bank. Next, he buys duct tape and ski masks. Any one of these actions could be a red flag alerting police to a potential robbery. But together, they tell a more complete story of a crime in the making. Similarly, in cybersecurity, any single suspicious activity is worth investigating.

How to Protect Against Domain Impersonation with Falcon Intelligence Recon Typosquatting

Malicious actors leverage a technique called typosquatting to trick users into believing a falsified domain is legitimate. The fake domain can be used to trick users into visiting malicious site or trusting an email that they have received. CrowdStrike Falcon Intelligence Recon provides the ability to monitor for when key terms are identified in newly created or changed domains. This can be used to monitor brands or identify when a fraudulent domain is being used.

How to Defend Against Threats with Falcon Intelligence

In this video, we will demonstrate the power of the automated threat intelligence available with Falcon Intelligence. Having sandbox analysis available directly in the CrowdStrike UI provides security teams with more context to make security decisions while also making them more efficient and effective given their limited time and resources.

CrowdStrike's Approach to Artificial Intelligence and Machine Learning

CrowdStrike combines human and machine intelligence to uncover new threats and enable high fidelity detections. Machine learning is implemented across the process lifecycle in the CrowdStrike platform. In this demonstration we will dive into how machine learning is used and how it can benefit your organization’s security.

How Falcon OverWatch Hunts for Out-of-Band Application Security Testing

CrowdStrike Falcon OverWatch™ threat hunters frequently uncover security testing activity in the course of routine hunting. While much of this activity can be confidently attributed to planned and sanctioned testing, OverWatch is always careful not to discount a threat on the basis that it looks like a test. Some of the more stealthy adversaries will attempt to evade detection by mimicking or using tools and techniques commonly used by security testers.