In an effort to stay ahead of improvements in automated detections and preventions, adversary groups continually look to new tactics, techniques and procedures (TTPs), and new tooling to progress their mission objectives. One group — known as BlackCat/ALPHV — has taken the sophisticated approach of developing their tooling from the ground up, using newer, more secure languages … [Read more...] about Falcon OverWatch Contributes to BlackCat Protection
Falcon
How the Falcon Platform Modernizes Your Security Stack
The job for CIOs, CISOs and their security and IT teams may be more complex than ever in 2022. Ongoing support for hybrid workforces, coupled with the continued shift to the cloud, has expanded the threat surface. At the same time, the infrastructure and environments supporting organizations are growing ever more vulnerable. According to the National Institute of Standards and … [Read more...] about How the Falcon Platform Modernizes Your Security Stack
How the CrowdStrike Falcon Platform Automates Vulnerability Remediation
Adversaries are becoming more adept and sophisticated in their attacks. Taking advantage of vulnerabilities present in major software is often an attractive entry point for establishing a campaign within an enterprise environment. The CrowdStrike 2022 Global Threat Report highlights how adversaries continue to shift tradecraft and weaponize vulnerabilities to evade detection … [Read more...] about How the CrowdStrike Falcon Platform Automates Vulnerability Remediation
How to Automate Workflows with Falcon Spotlight
Introduction Falcon Spotlight leverages the existing Falcon Agent to assess the status of vulnerabilities across the environment. While visibility and filtering capabilities are part of the user interface, this article will document integration options that CrowdStrike provides to help customers effectively operationalize Spotlight’s vulnerability … [Read more...] about How to Automate Workflows with Falcon Spotlight
How to Defend Against Threats with Falcon Fusion and Falcon RTR
Adversaries are moving beyond malware and becoming more sophisticated in their attacks by using legitimate credentials and built-in tools to evade detection by traditional antivirus products. According to the CrowdStrike 2022 Global Threat Report, 62% of detections indexed by the CrowdStrike Security Cloud in Q4 2021 were malware-free. Adversaries are also likely to … [Read more...] about How to Defend Against Threats with Falcon Fusion and Falcon RTR
How Falcon XDR Sets the Industry Standard
Since we founded CrowdStrike, one of the things I’m proudest of is our collective ability to work with customers to lead the industry forward. Leadership is more than just being the loudest voice or making wild marketing claims. It’s about listening and working with customers to help them solve their hardest problems to achieve a common goal: stopping breaches. This week with … [Read more...] about How Falcon XDR Sets the Industry Standard
Falcon XDR: Now Available to Customers
We are thrilled to announce the general availability of CrowdStrike’s newest innovation: Falcon XDR. Founded on our pioneering endpoint detection and response (EDR) technology and the power of the CrowdStrike Security Cloud, Falcon XDR delivers the next generation of unified, full-spectrum extended detection and response (XDR) so security teams can stop breaches faster. Tackle … [Read more...] about Falcon XDR: Now Available to Customers
How to Speed Investigations with Falcon Forensics
Introduction Threat hunters and incident responders are under tremendous time pressure to investigate breaches and incidents. While they are collecting and sorting massive quantities of forensic data, fast response is critical to help limit any damage inflected by the adversary. This article and video will provide an overview of Falcon Forensics, and how it streamlines the … [Read more...] about How to Speed Investigations with Falcon Forensics
Introducing Falcon Hardware Enhanced Exploit Detection
Falcon adds a new feature that uses Intel hardware capabilities to detect complex attack techniques that are notoriously hard to detect. CrowdStrike’s new Hardware Enhanced Exploit Detection feature delivers memory safety protections for a large number of customers on older PCs that lack modern in-built protections. Once activated, the new feature detects exploits by analyzing … [Read more...] about Introducing Falcon Hardware Enhanced Exploit Detection
How to Baseline and Hunt Log4Shell with the Falcon Platform
Note: This post first appeared in r/CrowdStrike. First and foremost: if you’re reading this post, I hope you’re doing well and have been able to achieve some semblance of balance between life and work. It has been, I think we can all agree, a wild December in cybersecurity (again). At this time, it’s very likely that you and your team are in the throes of hunting, assessing … [Read more...] about How to Baseline and Hunt Log4Shell with the Falcon Platform