Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Malicious actors leverage a technique called typosquatting to trick users into believing a falsified domain is legitimate. The fake domain can be used to trick users into visiting malicious site or trusting an email that they have received. CrowdStrike Falcon Intelligence Recon provides the ability to monitor for when key terms are identified in newly created or changed domains. This can be used to monitor brands or identify when a fraudulent domain is being used.

In this video, we will demonstrate the power of the automated threat intelligence available with Falcon Intelligence. Having sandbox analysis available directly in the CrowdStrike UI provides security teams with more context to make security decisions while also making them more efficient and effective given their limited time and resources.

What do high-profile incidents like SolarWinds SUNBURST, Codecov bash uploader, Log4Shell, ua-parser-js, or the more recent IconBurst all have in common? They’re all supply chain attacks... except one. Exploding interest in the security of the software development lifecycle from the media, industry analysts, vendors, and agencies, has left the rest of us, developers and security engineers, with many confusing definitions for supply chain attacks.

NPM Dependency Confusion Join us in this livestream as we learn about NPM Dependency Confusions and what it is. If you have ever been confused about the topic, then this video will explain it you, as well as give you some practical examples. Didn't catch the live stream? Ask all of your Snyk questions and we’ll do our very best to answer them in the comment section. Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.

Get an inside look into how CrowdStrike’s industry-leading technology, intelligence and expertise detects and stops the most advanced attacks.

CrowdStrike combines human and machine intelligence to uncover new threats and enable high fidelity detections. Machine learning is implemented across the process lifecycle in the CrowdStrike platform. In this demonstration we will dive into how machine learning is used and how it can benefit your organization’s security.

Penetration testing is an effective way to detect flaws in your application before they turn into a serious threat, helping you better understand the applications attack surface. But in the always-on economy there comes a problem - traditional pen testing delivery takes weeks to set up and the results are point in time, which leaves critical application vulnerabilities exposed longer than it should - given the average time for a threat actor to weaponize a new vulnerability is only 7 days.

Illicit forums and dark web marketplaces are so closely guarded that it’s almost impossible to know how many stolen user accounts, digital assets, or data leaks are exposed, let alone who is responsible. But the more we can uncover, the better we can defend against attacks and hold threat actors accountable.

Building JavaScript applications today means that we take a step further from writing code. We use open-source dependencies, create a Dockerfile to deploy containers to the cloud, and orchestrate this infrastructure with Kubernetes. Welcome - you're a cloud native application developer! As developers, our responsibility has broadened, and more software means more software security concerns for us to address.

When conducting incident response, EDR and firewall technologies can only show you so much. The breadth of network traffic provides an unrivalled source of evidence and visibility. Open-source security technologies such as Zeek, Suricata, and Elastic can deliver powerful network detection and response capabilities, furthermore the global communities behind these tools can also serve as a force multiplier for security teams, often accelerating response times to zero-day exploits via community-driven intel sharing.