Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

CrowdStrike Discovers Vulnerability in Flexera's FlexNet Inventory Agent (CVE-2023-29082)

CrowdStrike’s cloud security team discovered a new vulnerability (CVE-2023-29082) in Flexera’s FlexNet Inventory Agent. When exploited, an attacker can escape from a container and gain root access to the host. Exploitation of CVE-2023-29082 can allow an attacker to perform a variety of actions on objectives, including execution of malware and exfiltration of data.

How Malicious Insiders Use Known Vulnerabilities Against Their Organizations

We are well aware of the devastating effect insiders can have when using their legitimate access and knowledge to target their own organization. These incidents can result in significant monetary and reputational damages. Entities small and large, across all sectors, can fall victim to insider threats.

CrowdStrike Achieves FedRAMP JAB High "Ready" Designation

CrowdStrike is proud to announce the CrowdStrike Falcon® platform has achieved FedRAMP® High-Impact Level Ready status from the Joint Authorization Board (JAB), demonstrating our commitment to achieving the highest compliance authorization for the United States federal government and support for both the National Cybersecurity Strategy Implementation Plan (NCSIP) and the Executive Order on Improving the Nation’s Cybersecurity.

CrowdStrike Demonstrates Cloud Security Leadership at AWS re:Invent 2023

CrowdStrike is honored to be named Partner of the Year for several 2023 Geo and Global AWS Partner Awards at Amazon Web Services re:Invent 2023, where we are participating this year as a Diamond Sponsor. We are also proud to be a launch partner for AWS Built-in and achieve two AWS competencies.

CrowdStrike's View on the New U.S. Policy for Artificial Intelligence

The major news in technology policy circles is this month’s release of the long-anticipated Executive Order (E.O.) on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence. While E.O.s govern policy areas within the direct control of the U.S. government’s Executive Branch, they are important broadly because they inform industry best practices and can even potentially inform subsequent laws and regulations in the U.S. and abroad.

Eliminate Repetitive Tasks and Accelerate Response with Falcon Fusion

Adversaries are becoming more sophisticated and faster with their attacks. According to the CrowdStrike 2023 Threat Hunting Report, the average eCrime breakout time is just 79 minutes. This is partly due to adversaries taking advantage of tools that leverage automation like password-cracking tools, exploit kits for web browser vulnerabilities, and marketplaces that sell stolen data.

Endpoint and Identity Security: A Critical Combination to Stop Modern Attacks

Today’s adversaries increasingly use compromised credentials to breach target environments, move laterally and cause damage. When attackers are logging in — not breaking in — legacy endpoint security offers little help in detecting and stopping breaches. Exacerbating the problem is an expanding attack surface, largely due to the growth of remote work and evolving supply chains.

The Difference Between Securing Custom-Developed vs. Commercial Off-the-Shelf Software

Modern applications are designed to process, use and store vast amounts of sensitive data. As adversaries seek to infiltrate these applications, IT and security teams must ensure the software they use has the strongest possible security. The first step to implementing strong application security is understanding the type of application you need to protect. The two types of applications security teams must be familiar with are custom-developed software and commercial off-the-shelf (COTS) software.

5 Tips to Defend Against Access Brokers This Holiday Season

The holiday season brings a shift in how people and businesses operate: Some companies may partially shut down, leaving only a skeleton crew to manage their IT environments, while others head into their busiest time of year. This seasonal change in staffing and business operations, combined with the general holiday distraction, often creates risk and makes organizations more vulnerable to cybercrime.

CrowdStrike Brings AI-Powered Cybersecurity to Small and Medium-Sized Businesses

Cyber risks for small and medium-sized businesses (SMBs) have never been higher. SMBs face a barrage of attacks, including ransomware, malware and variations of phishing/vishing. This is one reason why the Cybersecurity and Infrastructure Security Agency (CISA) states “thousands of SMBs have been harmed by ransomware attacks, with small businesses three times more likely to be targeted by cybercriminals than larger companies.”