Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

Securing private applications with CrowdStrike Zero Trust Assessment and AWS Verified Access

AWS Verified Access (AVA), a feature of Amazon Virtual Private Cloud (VPC) networking, delivers secure, zero-trust access to private applications without a VPN by continuously evaluating each request in real time based on contextual security signals like identity, device security status and location. The service grants access based on the security policy configured for each application and then connects the users, thereby improving the security posture of the organization.

New CrowdStrike Falcon Fusion Features Refine Workflow Automation for CrowdStrike Customers

CrowdStrike Falcon® Fusion is a cloud-scale, extensible security orchestration, automation and response (SOAR) framework that’s natively integrated with the CrowdStrike Falcon® platform and available to CrowdStrike customers at no added cost.

Behind the Curtain: Falcon OverWatch Hunting Leads Explained

Most hunting enthusiasts agree that the thrill of hunting lies in the chase. Equipped with experience and tools of their trade, hunters skillfully search for signs of prey — a broken twig, a track in the mud. CrowdStrike® Falcon OverWatch™ threat hunters are no different. They search for signs of their prey — of adversaries lurking in the dark — and these signs are called hunting leads.

Chaos in the Cloud: Rampant Cloud Activity Requires Modern Protection

Digital transformation isn’t only for the good guys. Adversaries are undergoing their own digital transformation to exploit modern IT infrastructures — a trend we’re seeing play out in real time as they increasingly adapt their knowledge and tradecraft to exploit cloud environments. According to the CrowdStrike 2023 Global Threat Report, observed cloud exploitation cases grew by 95% over the previous year.

CrowdStrike Congressional Testimony: 5 Recommendations to Secure the Public Sector

“We are at a point where the stakes of defensive stagnation pose increasing risks in the face of threat actors’ innovation. This is why it’s so important to continually evolve in how we prevent, detect, and respond to cyberattacks.” This excerpt from my recent testimony to Congress underscores the greatest challenge facing public sector organizations today.

CrowdStrike Brings Extended Detection and Response to New z16 and LinuxONE 4 Single Frame and Rack Mount Models

We are excited to collaborate with IBM, which today unveils its new IBM z16 and LinuxONE Rockhopper 4 single frame and rack mount models, available globally on May 17, 2023. Powered by IBM’s Telum processor, these new configurations are designed for highly efficient data centers with sustainability in mind. CrowdStrike customers can make more effective use of their data center space while remaining resilient in the midst of ongoing global uncertainty.

How Falcon OverWatch Investigates Malicious Self-Extracting Archives, Decoy Files and Their Hidden Payloads

Self-extracting (SFX) archive files have long served the legitimate purpose of easily sharing compressed files with someone who lacks the software to decompress and view the contents of a regular archive file. However, SFX archive files can also contain hidden malicious functionality that may not be immediately visible to the file’s recipient, and could be missed by technology-based detections alone.

CrowdStrike Falcon Platform Detects and Prevents Active Intrusion Campaign Targeting 3CXDesktopApp Customers

We will continue to update on this dynamic situation as more details become available. CrowdStrike’s Intelligence team is in contact with 3CX. On March 29, 2023, CrowdStrike observed unexpected malicious activity emanating from a legitimate, signed binary, 3CXDesktopApp — a softphone application from 3CX. The malicious activity includes beaconing to actor-controlled infrastructure, deployment of second-stage payloads, and, in a small number of cases, hands-on-keyboard activity.