Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

Discovering and Blocking a Zero-Day Exploit with CrowdStrike Falcon Complete: The Case of CVE-2023-36874

CrowdStrike Counter Adversary Operations is committed to analyzing active exploitation campaigns and detecting and blocking zero-days to protect our customers. In July 2023, the CrowdStrike Falcon® Complete managed detection and response (MDR) team discovered an unknown exploit kit leveraging a still-unknown vulnerability affecting the Windows Error Reporting (WER) component.

CrowdStrike Debuts Counter Adversary Operations Team to Fight Faster and Smarter Adversaries as Identity-Focused Attacks Skyrocket

CrowdStrike is proud to announce the launch of CrowdStrike Counter Adversary Operations, a newly formed, first-of-its kind team that brings together CrowdStrike Falcon® Intelligence and the CrowdStrike® Falcon OverWatch™ threat hunting team to disrupt today’s adversaries and ultimately raise their cost of doing business.

CrowdStrike Scores 100% in SE Labs Q2 2023 Enterprise Advanced Security Detection Test, Wins AAA Award

The CrowdStrike Falcon® platform recently earned the SE Labs AAA award by delivering 100% attack detection with zero false positives in the Q2 2023 SE Labs Enterprise Advanced Security (EAS) test. The platform achieved perfect scores across every evaluation category. This year’s evaluation presented a unique challenge to testing participants. SE Labs tested solutions to a full kill chain attack, from initial contact through reconnaissance, data exfiltration and lateral action.

CrowdStrike Named a Leader that "Delivers World-Class Threat Intelligence" in 2023 Forrester Wave

We’re excited to share that Forrester has named CrowdStrike a Leader in The Forrester Wave™: External Threat Intelligence Services Providers, Q3 2023. CrowdStrike received the highest ranking of all vendors in the Current Offering category, with the highest score possible in 16 criteria, surpassing all other vendors evaluated in the report.

Prevention Is the Best Preparation for the SEC's New Breach Disclosure Rules

The U.S. Securities and Exchange Commission (SEC) this week voted to adopt new rules for how companies inform investors about cybersecurity concerns. The vote comes after years of gradually increasing guidance and scrutiny over companies’ handling of cybersecurity events and follows a lengthy comment period where companies, including CrowdStrike, provided input.

Adversaries Can "Log In with Microsoft" through the nOAuth Azure Active Directory Vulnerability

On June 20, 2023, Descope published research detailing how a combination of a flaw in Azure Active Directory and poorly integrated third-party applications — dubbed “nOAuth” — could lead to full account takeover. nOAuth is the latest in a large number of vulnerabilities and architectural weaknesses in Microsoft software and systems like Active Directory that can be exploited and put organizations at risk.

CrowdStrike Expands XDR Ecosystem to Give Customers a Data Advantage

Cybersecurity is fundamentally a data problem. As adversary techniques continue to mature, organizations still struggle to collect the right data from all their security and IT point products to detect and respond to evolving threats. CrowdStrike offers a clear data advantage in the cybersecurity market.

How to Augment or Replace Your SIEM with the CrowdStrike Falcon Platform

In Part 1 of our SIEM blog series, we discussed the state of SIEMs today and how CrowdStrike Falcon® LogScale solves five key SIEM use cases while improving security outcomes and cost savings compared to traditional SIEMs. Our conversations with customers have made it clear: SIEM requirements don’t stop at the five use cases covered in that blog. Modern SIEM systems extend beyond log management to deliver full threat detection, investigation and response.

Why Customers Are Consolidating Cybersecurity with CrowdStrike

As adversaries continue to evolve their tactics and techniques, organizations are scrambling to shore up their security posture. Security teams have historically turned to point products to fill gaps in their defenses, driving the issue of tool sprawl: The average enterprise deploys 45 cybersecurity-related tools, according to the Ponemon Institute. When it comes to security, more tools often create more problems. Point products are rarely integrated, even when they come from the same vendor.

Falcon Insight for ChromeOS: The Industry's First Native XDR Offering for ChromeOS

In recent years, ChromeOS device usage among businesses has seen a significant uptick, particularly in its adoption across verticals, from schools to large enterprises. According to recent IDC research, 16% of North American organizations have ChromeOS devices1 and the percentage is only expected to increase. The success of ChromeOS devices like Chromebooks can be attributed to built-in security, simple management and premium performance.