Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

Walking Through Walls: Four Common Endpoint Tools Used to Facilitate Covert C2

Adversaries continue to find new and innovative ways to penetrate an organization’s defenses. Defenders who focus on plugging these holes can find themselves exhausted and frustrated. Hunting for adversarial defense evasion for the purpose of data exfiltration and command-and-control (C2), however, remains a good strategy. Many adversaries leverage tooling to establish C2 or to enable successful data exfiltration, all while evading an organization’s defenses.

SCATTERED SPIDER Exploits Windows Security Deficiencies with Bring-Your-Own-Vulnerable-Driver Tactic in Attempt to Bypass Endpoint Security

In December, CrowdStrike reported that beginning in June 2022, the CrowdStrike Services, CrowdStrike® Falcon OverWatch™ and CrowdStrike Intelligence teams observed an increase in the targeting of telco and BPO industries. CrowdStrike Intelligence attributed this campaign with low confidence to the SCATTERED SPIDER eCrime adversary.

How to visualize your data using the LogScale API - Part One

CrowdStrike Falcon® LogScale dashboards are great for monitoring your data with all kinds of visualizations. You can choose between a range of nice charts and arrange your dashboards for wall monitor display or exploring your data. Sometimes, however, you need other ways to explore or present your data. You may want more control of the shape of your data, or you may want to create small tools tailored to your organization’s environment and use cases.

4 Ways Adversaries Hijack DLLs - and How CrowdStrike Falcon OverWatch Fights Back

Dynamic link library (DLL) hijacking is frequently written about by defenders due to its applications in evading automated detections. This technique is even more frequently used by adversaries in interactive intrusions. Despite the wealth of literature available to increase defenders’ awareness of DLL hijacking, CrowdStrike® Falcon OverWatch™ threat hunters see adversaries gravitate toward this tradecraft time and again to load malicious code.

Enterprise Remediation with CrowdStrike and MOXFIVE, Part 2: Strategies for Containing and Recovering

In Part 1 of this blog series, we highlighted the benefits of CrowdStrike’s investigative approach and the CrowdStrike Falcon® Real Time Response capabilities for avoiding a significant incident in the first place, and minimizing the damage should an attacker gain entry into your environment. We also explored a range of governance and process-oriented steps that are often left out of technology-centric discussions on incident response preparedness.

Securing your Jenkins CI/CD Container Pipeline with CrowdStrike

In any software development cycle, it is best practice to catch issues as early as possible since it both improves security and decreases the workload for both developers and security. In order to do this, CrowdStrike offers solutions for developers at build time that allow them to assess their Docker container images and review summarized report data integrated with their favorite CI/CD tools like Jenkins.

Enterprise Remediation with CrowdStrike and MOXFIVE, Part 1: Five Tips for Preparing and Planning

Timing is everything when it comes to responding and recovering from a widespread, destructive attack. As threat actors operate undetected across a victim network and get deeper into the attack lifecycle, it becomes increasingly more challenging to recover and avoid the business disruption that comes from a compromised environment.

10 Questions to Help You Choose the Right Log Management Solution

A good log management solution powers observability for security, engineering, IT and compliance teams. But with so many options available, how do you choose the right one? When evaluating potential log management solutions, start by asking these 10 questions to find the right balance of security, performance and value based on your requirements — and to reveal any limitations that could potentially hold you back.

CrowdStrike Named a Leader in Frost & Sullivan's 2022 Frost Radar for Cyber Threat Intelligence

CrowdStrike is excited to announce we have been recognized by Frost & Sullivan as a global leader in the Frost Radar™ Global Cyber Threat Intelligence Market, 2022 analysis. Earlier this year, CrowdStrike was named a leader in the 2022 SPARK Matrix for Digital Threat Intelligence Management by Quadrant Knowledge Solutions; last year, we were named a leader in The Forrester Wave™: External Threat Intelligence Services, Q1 2021.