The U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Agency (CISA) has been quite busy this year. It recently issued a “Shields Up” advisory, highlighting that “Russia’s invasion of Ukraine could impact organizations both within and beyond the region,” including the threat of malicious activity against U.S. interests and companies.

CrowdStrike recently demonstrated the power of the Falcon platform and its integrated approach to providing robust protection by exposing all attack tactics used as part of the MITRE Engenuity ATT&CK Enterprise Evaluation released in April 2022. The evaluation focused on emulating two of today’s most sophisticated Russian-based threat groups: WIZARD SPIDER and VOODOO BEAR (Sandworm Team).

Let’s face it. The information security industry loves a new acronym. For industry long-timers, a new acronym might be just the latest reason for an eye roll. For folks new to the field, it can be very confusing. A constructive way to look at XDR — extended detection and response — is as an opportunity to take a fresh look at some old problems and gain clarity.

There is a new trope in the security industry, and it goes something like this: To keep yourself safe, you need an AI-powered solution that can act on its own, and to do that, you need to keep those pesky humans away from it. As a practitioner with a track record of bringing AI to cybersecurity — not because marchitecture demands it these days but because of its actual utility to solve security problems — I find this characterization puzzling.

The weeks following the release of the MITRE Engenuity ATT&CK Evaluation can be confusing when trying to interpret the results and cut through the noise. But one thing is crystal clear in this year’s evaluation that every organization should know: The CrowdStrike Falcon® platform stands alone in delivering native identity protection capabilities that shut down adversaries and stop the breach before it even starts.

Falcon Horizon, CrowdStrike’s Cloud Security Posture Management solution, uses configuration and behavioral policies to monitor public cloud deployments, proactively identify issues and resolve potential security problems. However, customers are not limited to predefined policies. This article will review the different options for creating custom cloud security posture management policies in Falcon Horizon.

We are excited that Forrester has named CrowdStrike a “Leader” in The Forrester Wave™: Endpoint Detection and Response (EDR) Providers, Q2 2022 and recognized us as dominating in EDR while building our future in extended detection and response (XDR) and Zero Trust. We believe that to be a leader in XDR, you must first be a leader in EDR, which is why we are well-positioned to drive innovation and lead the XDR market forward.

Mistakes are easy to make, but in the world of cloud computing, they aren’t always easy to find and remediate without help. Cloud misconfigurations are frequently cited as the most common causes of breaches in the cloud. According to a 2021 survey from VMware and the Cloud Security Alliance, one in six surveyed companies experienced a public cloud security breach or incident due to a cloud misconfiguration in the previous 12 months.

CrowdStrike data science researchers recently explored and experimented with the use of Bidirectional Encoder Representation from Transformers (BERT) for embedding command lines, focusing on anomaly detection, but without detailing the model itself. Diving deeper into that research, CrowdStrike researchers explain the reasons for using BERT for command line representation and how to train the model and assess its performance.