Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

How CrowdStrike Detects Cloud Storage Misconfigurations to Protect Valuable Data

Cloud storage misconfigurations continue to become more prevalent and problematic for organizations as they expand their cloud infrastructure, driving the importance of technologies such as cloud security posture management (CSPM) as crucial tools for protectors everywhere. Consider the recently reported public exposure of data associated with some Microsoft customers and prospects.

Evicting Typosquatters: How CrowdStrike Protects Against Domain Impersonations

Threat actors constantly unleash phishing attacks that use emails or text messages containing domains or URLs, all designed to impersonate well-known companies and trick users into visiting fake websites and entering their logon or other confidential information. Unfortunately, many users fall prey to such attacks, unknowingly giving threat actors access to their work or personal accounts.

The Force Multiplier of Correlating Your Security Telemetry

Consider this situation: A man talks on the phone with a known bank robber. He then rents a building next to a bank. Next, he buys duct tape and ski masks. Any one of these actions could be a red flag alerting police to a potential robbery. But together, they tell a more complete story of a crime in the making. Similarly, in cybersecurity, any single suspicious activity is worth investigating.

How Falcon OverWatch Hunts for Out-of-Band Application Security Testing

CrowdStrike Falcon OverWatch™ threat hunters frequently uncover security testing activity in the course of routine hunting. While much of this activity can be confidently attributed to planned and sanctioned testing, OverWatch is always careful not to discount a threat on the basis that it looks like a test. Some of the more stealthy adversaries will attempt to evade detection by mimicking or using tools and techniques commonly used by security testers.

Importing Logs with CrowdStrike Falcon LogScale Log Collector

For this how-to guide, we’ll walk through how to use the CrowdStrike Falcon LogScale Log Collector to collect and send log events to your CrowdStrike Falcon® LogScale repository. Although the log shipper supports several types of log sources (see the list here), we’ll cover the use case of collecting log events from journald.

How to Complete Your LogScale Observability Strategy with Grafana

CrowdStrike Falcon® LogScale, formerly known as Humio, provides a full range of dashboarding and live query capabilities out of the box. Sometimes, however, you’ll work in an environment where there are other solutions alongside LogScale. For example, let’s say your operations team takes an observability approach that includes metrics scraped by Prometheus, tracing with Jaeger, and dashboard visualizations with Grafana.

Discovering the Critical OpenSSL Vulnerability with the CrowdStrike Falcon Platform

OpenSSL.org has announced that an updated version of its OpenSSL software package (version 3.0.7) will be released on November 1, 2022. This update contains a fix for a yet-to-be-disclosed security issue with a severity rating of “critical” that affects OpenSSL versions above 3.0.0 and below the patched version of 3.0.7, as well as applications with an affected OpenSSL library embedded.

From Data to Deployment: How Human Expertise Maximizes Detection Efficacy Across the Machine Learning Lifecycle

Security is a data problem. One of the most touted benefits of artificial intelligence (AI) and machine learning (ML) is the speed at which they can analyze potentially millions of events and derive patterns out of terabytes of files. Computational technology has progressed to the point where computers can process data millions of times faster than a human could.