Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

How to Secure Business-Critical Applications

As organizations move more of their business-critical applications to the cloud, adversaries are shifting their tactics accordingly. And within the cloud, it’s clear that cybercriminals are setting their sights on software applications: In fact, industry data shows 8 out of the top 10 breaches in 2023 were related to applications.

HijackLoader Expands Techniques to Improve Defense Evasion

CrowdStrike researchers have identified a HijackLoader (aka IDAT Loader) sample that employs sophisticated evasion techniques to enhance the complexity of the threat. HijackLoader, an increasingly popular tool among adversaries for deploying additional payloads and tooling, continues to evolve as its developers experiment and enhance its capabilities.

CrowdStrike Defends Against Azure Cross-Tenant Synchronization Attacks

As Microsoft Azure continues to gain market share in the cloud infrastructure space, it has garnered attention from adversaries ranging from hacktivist and eCrime threat actors to nation-state adversaries. Recent attacks on Microsoft by cloud-focused threat actors like COZY BEAR are becoming more frequent and garnering huge attention.

Architecture Drift: What It Is and How It Leads to Breaches

Cybercriminals work around the clock to discover new tactics to breach systems. Each time a digital ecosystem changes, it can introduce a weakness for a threat actor to quickly discover and exploit. As technological innovation progresses rapidly, and organizations expand their infrastructure, this weakness may take shape in the form of architecture drift. Today, we explore the concept of architecture drift: what it is, why it matters and how application security posture management (ASPM) can help.

Data Protection Day 2024: As Technology and Threats Evolve, Data Protection Is Paramount

Today’s cybersecurity landscape poses one of the most significant risks to data. This holds true for organizations of all sizes, across all industries, tasked with protecting their most essential data amid an increasingly regulated environment and faster, more innovative adversaries. Recent years have introduced a steady drumbeat of new data privacy regulations. There are now 14 U.S. states that have passed privacy laws.

CrowdStrike Named a Leader in Forrester Wave for Cloud Workload Security

Today, we’re proud to announce that Forrester has named CrowdStrike a Leader in The Forrester Wave™: Cloud Workload Security, Q1 2024, stating “CrowdStrike shines in agentless CWP and container runtime protection.” Forrester identified the 13 most significant vendors in cloud workload security and researched, analyzed and scored them based on the strengths of their current offering, strategy and market presence.

Falcon Fund in Focus: Aembit Strengthens Security for Workload-to-Workload Access

The rise of distributed cloud services and the omnipresence of APIs has caused cloud-native application architecture to become highly fragmented. Enforcing secure access is a critical step in strengthening security as IT environments become more complex — but for many organizations, ensuring secure access across this evolving architecture is a constant challenge.

Beyond Compliance: Secure Your Business in the Cloud with Falcon Cloud Security

Cloud infrastructure is subject to a wide variety of international, federal, state and local security regulations. Organizations must comply with these regulations or face the consequences. Due to the dynamic nature of cloud environments, maintaining consistent compliance for regulatory standards such as CIS, NIST, PCI DSS and SOC 2 benchmarks can be difficult, especially for highly regulated industries running hybrid or multi-cloud infrastructures.

4 Major Falcon LogScale Next-Gen SIEM Updates That Accelerate Time-to-Insights

To unlock the speed and scalability of CrowdStrike Falcon® LogScale next-gen SIEM, you must first bring your data into the powerful, cloud-native solution. And with log sources multiplying and data volumes skyrocketing, you need an easy way to collect, parse and enrich your data. Data onboarding can be complex and time-consuming in traditional SIEM tools. Data engineering teams must contend with countless evolving log sources, formats and ingestion methods.

4 Reasons Why Nonprofits Are a Target - and What You Need to Know About Cybersecurity

Small and medium-sized businesses (SMBs) are a more frequent target of cybercrime than large companies, a trend largely driven by their lack of security resources and expertise. Some SMBs are at greater risk than others: Nonprofit SMBs face a higher incidence of high and critical-severity cyberattacks compared to those in other sectors. On the surface, the frequency of attacks targeting nonprofit SMBs may seem counterintuitive.