Endpoint Security & XDR

Time is of the essence when it comes to protecting your data, and often, teams are sifting through hundreds or thousands of alerts to try to pinpoint truly malicious user behavior. Manual triage and r[…]

The #1 global managed detection and response (MDR) provider and pioneer continues to dominate. Today, CrowdStrike was named a Leader in the 2024 IDC MarketScape: Worldwide Managed Detection and Respon[…]

Preventable breaches are a common problem. According to research by Nagomi, a leader in the nascent field of automated security control assessment, 80% of breached organizations already had a tool in […]

CrowdStrike wins third consecutive Best Endpoint Detection and Response 2024 Award from SE Labs The award recognizes that the CrowdStrike Falcon® platform demonstrates consistent results in detecting […]

As a global cybersecurity industry leader and a Research Partner for the MITRE Engenuity Center for Threat-Informed Defense, CrowdStrike provided expertise and thought leadership to two of the Center […]

At CrowdStrike, we’re on a very simple mission: We stop breaches. It’s easy for us to make this claim but challenging to put into practice and maintain day in and day out. Still, we know with absolute[…]

At CrowdStrike, we are relentlessly researching and developing new technologies to outpace new and sophisticated threats, track adversaries’ behavior and stop breaches. As today’s adversaries continue[…]

I recently had the opportunity to speak with three CrowdStrike customers who shared their stories on why they consolidated on the CrowdStrike Falcon® XDR platform and the benefits of CrowdStrike’s tec[…]

HijackLoader continues to become increasingly popular among adversaries for deploying additional payloads and tooling A recent HijackLoader variant employs sophisticated techniques to enhance its comp[…]

Small and medium-sized businesses (SMBs) are a more frequent target of cybercrime than large companies, a trend largely driven by their lack of security resources and expertise. Some SMBs are at great[…]

If a picture is worth a thousand words, the 2023 Gartner® Magic Quadrant™ for Endpoint Protection Platforms says it all. Today, I’m incredibly honored and proud to announce CrowdStrike has been named […]

A new IDC white paper, “The Business Value of The CrowdStrike Falcon XDR Platform,” sponsored by CrowdStrike, highlights the substantial operational benefits, cost savings and ROI that organizations a[…]

The MITRE Engenuity Center for Threat-Informed Defense created a public adversary emulation library in 2020 as adversary emulation plans comprising MITRE ATT&CK® tactics and techniques are essential t[…]

Today’s security practitioners face a daunting challenge: Staying ahead of sophisticated adversaries who have turned their attention to the expansive terrain of cloud environments. CrowdStrike observe[…]

Since announcing Charlotte AI, we’ve engaged with many customers to show how this transformational technology will unlock greater speed and value for security teams and expand their arsenal in the fig[…]

For many cybersecurity leaders, the most intimidating threat they encounter isn’t an adversary — it’s the daunting prospect of trying to win over key business stakeholders and obtain vital budget. Esp[…]

In the 2023 SE Labs Enterprise Advanced Security (EDR) Ransomware test, the AI-native CrowdStrike Falcon® platform achieved a 100% ransomware protection rating and scored a 100% EDR rating. Testing wa[…]

Like so many legacy technologies, legacy data loss prevention (DLP) tools fail to deliver the protection today’s organizations need. Implementation challenges, visibility gaps and inconsistent policie[…]

Mobile devices have become critical endpoints for accessing enterprise applications, systems and data. Adversaries know this all too well, as evidenced by the growing numbers of attacks that target mo[…]

CrowdStrike has been named a Leader in The Forrester Wave™: Endpoint Security, Q4 2023, the latest recognition in a string of accolades for our market-leading cybersecurity solutions delivered from th[…]

The risk of cyberattacks continues to grow for small to medium-sized businesses (SMBs). Today, a staggering 70% of cyberattacks target SMBs, a scourge that cost organizations with fewer than 500 emplo[…]

CrowdStrike customers tend to stay with CrowdStrike, typically starting with endpoint detection and response (EDR), then expanding to other attack surfaces as they consolidate their cybersecurity with[…]

We couldn’t be prouder that CrowdStrike achieved the highest coverage across the last two consecutive MITRE Engenuity ATT&CK® Evaluations. We achieved 100% protection, 100% visibility and 100% analyti[…]

Cybersecurity is about speed. The faster you can detect an attack, the faster you can respond and stop adversaries in their tracks — and they are steadily growing quicker and more sophisticated, with […]

At CrowdStrike, our mission is to stop breaches. We’re constantly researching and developing new technologies to stay ahead of sophisticated threats and stop adversaries from advancing their attacks. […]

Organizations must find ways to unify disjointed tools and mitigate their cybersecurity risk as threats become more sophisticated and siloes impede visibility. Today’s adversaries are getting faster —[…]

CrowdStrike is a Research Partner with the MITRE Engenuity Center for Threat-Informed Defense and actively participates in the Center’s research into proactive cybersecurity defense As a global leader[…]

If you still rely on legacy antivirus software to stop modern cyberattacks, this post is for you. Today’s adversaries are relentless. While many threat actors have adopted newer techniques such as dat[…]

CrowdStrike is expanding access to its market-leading managed detection and response (MDR) service, CrowdStrike Falcon® Complete. With the announcement of Falcon Complete for Service Providers, CrowdS[…]

As a Research Partner for the MITRE Engenuity Center for Threat-Informed Defense, CrowdStrike was involved in the development of a new version of the Threat Report ATT&CK Mapper (TRAM) CrowdStrike pro[…]

Hospitals are seeking creative ways to fund technology and cybersecurity protection measures amid a perfect storm of operational challenges that affect quality of care. These include: Rising Costs: Ho[…]

The CrowdStrike Falcon® platform achieved 100% attack detection with zero false positives in the Q2 2023 SE Labs Enterprise Advanced Security (EAS) test, earning the AAA award for its perfect performa[…]

You don’t have a malware problem — you have an adversary problem. CrowdStrike has relentlessly focused on finding and stopping the humans behind cyberattacks. Today, we’re launching a new series that […]

The modern adversary is relentless. Today’s threat actors target global organizations with increasingly sophisticated attacks. As we’ve said since the founding of CrowdStrike: “You don’t have a malwar[…]

Cybersecurity is fundamentally a data problem. As adversary techniques continue to mature, organizations still struggle to collect the right data from all their security and IT point products to detec[…]

As adversaries continue to evolve their tactics and techniques, organizations are scrambling to shore up their security posture. Security teams have historically turned to point products to fill gaps […]

In recent years, ChromeOS device usage among businesses has seen a significant uptick, particularly in its adoption across verticals, from schools to large enterprises. According to recent IDC researc[…]

SIEMs play a crucial role in the modern SOC: They allow you to collect, correlate and analyze log data and alerts for security and compliance. Yet, despite their value, SIEMs have struggled to keep up[…]

CrowdStrike Falcon® Pro for Mac achieved 100% Mac malware protection in the May 2023 AV-Comparatives Mac Security Test This 2023 win marks the sixth consecutive year that CrowdStrike Falcon Pro for Ma[…]

CrowdStrike researchers use machine intelligence to categorize zero-day malware by using behavioral data, pre-defined Threat Type groups, and supervised and unsupervised clustering and similarity asse[…]

Managing security posture at scale is a significant challenge for global organizations of all sizes. With a rapidly expanding security estate and a global worker gap of 3.4 million, according to (ICS)[…]

CrowdStrike has pioneered the use of artificial intelligence (AI) since we first introduced AI-powered protection to replace signature-based antivirus over 10 years ago, and we’ve continued to deeply […]

On April 27, 2023, Microsoft announced the end of support for Windows 10, making 1022H2 the final version of the operating system. In the announcement, Microsoft outlined that Windows 10 will continue[…]

After completing extensive tests designed to evaluate the tampering resistance of enterprise security solutions, the CrowdStrike Falcon® platform has achieved certification in the AV-Comparatives Anti[…]

CrowdStrike is announcing new AI-powered indicators of attack (IoA) models, designed to combat advanced adversary tradecraft, available later this year. AI-powered IoAs use machine intelligence to sto[…]

Cybersecurity, privacy and data flows will be key topics at this year’s G7 in Japan. Against this backdrop, it has been a year since last year’s amendments to the Act on Protection of Personal Informa[…]

Adversarial machine learning (ML) attacks can compromise a ML model’s effectiveness and ability to detect malware through strategies such as using static ML evasion to modify known malware variants Cr[…]

Are you getting the most from your data? Collecting data from across your environment can provide security teams with the visibility needed to detect and respond to threats, but large volumes of data […]

Each day, enterprise and public sector IT teams face new challenges when managing hybrid work for networks of hundreds, or even thousands, of users. A more distributed workforce means an increased rel[…]

CrowdStrike Falcon® Fusion is a cloud-scale, extensible security orchestration, automation and response (SOAR) framework that’s natively integrated with the CrowdStrike Falcon® platform and available […]

The U.S. Transportation Security Administration (TSA) is taking proactive measures to protect the nation’s transportation system by issuing new cybersecurity requirements for airports and aircraft ope[…]

CrowdStrike today introduced CrowdStrike Falcon® Complete XDR, a new managed extended detection and response (MXDR) service that builds on the industry-leading CrowdStrike Falcon® Complete managed det[…]

New features in CrowdStrike Falcon® Device Control deliver enhanced data identification and enable investigation into data loss and exfiltration activities through USB devices. New file metadata capab[…]

We are excited to collaborate with IBM, which today unveils its new IBM z16 and LinuxONE Rockhopper 4 single frame and rack mount models, available globally on May 17, 2023. Powered by IBM’s Telum pro[…]

CrowdStrike researchers work tirelessly to stay a step ahead of even the most sophisticated adversaries, with an elevated profile that includes becoming a Research Partner in the MITRE Engenuity Cente[…]

After extensive testing and analysis, the AV-TEST Institute has named CrowdStrike Falcon® Pro for Mac the Best MacOS Security Product for Business for 2022. AV-TEST completed its evaluation of macOS s[…]

CrowdStrike analyzed an I2Pminer variant that targets macOS The mineware utilizes I2P to hide XMRig network traffic The CrowdStrike Falcon® platform provides continuous protection against mineware thr[…]

CrowdStrike maintains endpoint security market leadership with a #1 ranking in IDC’s 2021-2022 report, and has been awarded Best Endpoint Detection and Response and Best Product Development by SE Labs[…]

Threat actors constantly evolve their tactics and techniques to circumvent security solutions. Working at the cutting-edge of detection engineering, CrowdStrike rapidly tracks and observes these evolu[…]

Malware gets the headlines, but the bigger threat is hands-on-keyboard adversary activity which can evade traditional security solutions and present detection challenges Machine learning (ML) can pred[…]

Cybercriminals more frequently target small and medium-sized businesses (SMBs) than large companies, often due to SMBs’ lack of security resources SMBs in the not-for-profit and transportation sectors[…]

Hybrid working models have increasingly become the normal way of doing business. Employees are working from anywhere, users and their devices are moving on and off the office network, and many applica[…]

The cybersecurity threats facing small and medium-sized businesses (SMBs) are real and growing. The FBI’s Internet Crime Complaint Center reports a majority of the 800,000+ complaints they received re[…]

GuLoader is an advanced malware downloader that uses a polymorphic shellcode loader to dodge traditional security solutions CrowdStrike researchers expose complete GuLoader behavior by mapping all emb[…]

Time and again, analyst reports, independent tests and numerous other awards and acknowledgements affirm CrowdStrike is a leader in cybersecurity. Why is this important? Because when CrowdStrike is #1[…]

Following CrowdStrike’s strong performance in the first-ever MITRE ATT&CK® Evaluations for Security Managed Services Providers with 99% detection coverage, we take a deep dive into the testing process[…]

As organizations increasingly face malware attacks that target macOS, detecting and preventing attacks without disruption caused by false positives and false warning messages is increasingly important[…]

Deloitte (U.S/Global), a leader in managed security services, recently announced the global availability of MXDR by Deloitte — a managed extended detection and response suite of offerings (U.S./Global[…]

CrowdStrike is a Research Partner in the MITRE Engenuity Center for Threat-Informed Defense and also a Research Participant in the Center’s Defending IaaS with ATT&CK® research project This project’s […]

Consider this situation: A man talks on the phone with a known bank robber. He then rents a building next to a bank. Next, he buys duct tape and ski masks. Any one of these actions could be a red flag[…]

Machine learning models trained on both human expertise and machine intelligence are essential to synthesizing today’s volume of intelligence and maximizing model efficacy CrowdStrike’s machine learni[…]

The CrowdStrike Falcon® platform achieved 100% protection accuracy and 100% legitimacy accuracy with zero false positives, winning SE Labs’ first-ever endpoint detection and response (EDR) ransomware […]

CrowdStrike is deepening its commitment to advancing the security ecosystem leading the future of protection by becoming a top-tier partner in the MITRE Center for Threat-Informed Defense research pro[…]

Cybercrime is a big problem for small businesses, and the risk of advanced threats continues to grow. This Cybersecurity Awareness Month, learn how to protect your SMB or nonprofit from attacks that t[…]

Sandbox Scryer is an open-source tool for producing threat hunting and intelligence data from public sandbox detonation output The tool leverages the MITRE ATT&CK Framework to organize and prioritize […]

Fighting modern adversaries requires having a modern security operations center (SOC), especially as organizations move to the cloud. To protect their estates against tomorrow’s threats, security prof[…]

CrowdStrike is proud to receive Frost & Sullivan’s 2022 Global Technology Innovation Leadership Award in the endpoint security sector. This recognition reflects CrowdStrike’s continued investment to d[…]

This is the first blog post in a four-part series. Read Part 2 | Part 3 | Part 4. This blog post is the first in a four-part series in which CrowdStrike’s Endpoint Protection Content Research Team wil[…]

CrowdStrike is excited to announce the release of the Open Cybersecurity Schema Framework (OCSF) project, a collaborative open-source effort among cybersecurity and technology leaders to break down si[…]

AI-powered indicators of attack (IOAs) are the latest evolution of CrowdStrike’s industry-first IOAs, expanding protection with the combined power of cloud-native machine learning and human expertise […]

SSL certificates grant authentication to your websites or domains and are critical for ensuring proper encryption of internet traffic and verified server identity. Without these certificates, end user[…]

Attacks and intrusions on our nation’s vital infrastructure — our electrical grid, water systems, ports and oil supply — are on the rise. For example, as reported by the Pew Charitable Trust in March […]

The increase in attack sophistication coupled with the decline of skilled security staff continues to put pressure on organizations and their teams by minimizing their ability to effectively see and c[…]

The CrowdStrike Falcon®® platform takes full advantage of the power of the CrowdStrike Security Cloud to reduce high-cost false positives and maximize detection efficacy to stop breaches CrowdStrike c[…]

CrowdStrike is proud to be ranked No. 1 in the IDC Worldwide Corporate Endpoint Security Market Shares, 2021 report (doc #US48580022, May 2022). We are grateful to our customers and partners for helpi[…]

CrowdStrike analyzed a new browser hijacking campaign that targets MacOS The purpose of the campaign is to inject ads into the user’s Chrome or Safari browser The CrowdStrike Falcon® platform provides[…]

On May 27, 2022, a remote code execution vulnerability was reported affecting the Microsoft Windows Support Diagnostic Tool (MSDT) The vulnerability, which is classified as a zero-day, can be invoked […]

CrowdStrike is proud to announce its recognition as an Overall Leader with the highest rating in the 2022 KuppingerCole Leadership Compass for vendors in the Endpoint Protection, Detection & Response […]

CrowdStrike Falcon®® achieves the maximum score of 18 points in the first 2022 AV-TEST MacOS evaluation for business users AV-TEST is an independent research institute for IT security that performs qu[…]

CrowdStrike is a Research Sponsor and contributor for the new Top ATT&CK Techniques project — an initiative of the Center for Threat-Informed Defense, a non-profit, privately funded research and devel[…]

In the recent MITRE Engenuity ATT&CK Enterprise Evaluation, CrowdStrike demonstrated the power of its unified platform approach to stopping breaches. Facing attack emulations from the highly sophistic[…]

CVE-2022-23648, reported by Google’s Project Zero in November 2021, is a Kubernetes runtime vulnerability found in Containerd, a popular Kubernetes runtime. It lies in Containerd’s CRI plugin that han[…]

CrowdStrike Falcon® Fusion automates and accelerates incident response by orchestrating sandbox detonations to automatically analyze related malware samples and enrich the results with industry-leadin[…]

The CrowdStrike Falcon® platform delivers 100% prevention across all nine steps in the MITRE Engenuity ATT&CK® Enterprise Evaluation CrowdStrike extends endpoint and workload protection by fully integ[…]

“We were asked to disable identity protection capabilities to let the testing proceed — and still achieved 100% prevention.” The weeks following the release of the MITRE Engenuity ATT&CK Evaluation ca[…]

“CrowdStrike dominates in EDR while building its future in XDR and Zero Trust.” — The Forrester Wave™: Endpoint Detection and Response Providers, Q2 2022 We are excited that Forrester has named CrowdS[…]

A novel methodology, BERT embedding, enables large-scale machine learning model training for detecting malware It reduces dependency on human threat analyst involvement in training machine learning mo[…]

“We were asked to disable identity protection capabilities to let the testing proceed — and still achieved 100% prevention.” The CrowdStrike Falcon®® platform delivers 100% prevention across all nine […]

Threat actors are continuously honing their skills to find new ways to penetrate networks, disrupt business-critical systems and steal confidential data. In the early days of the internet, adversaries[…]

Threat actors continue to exploit users, devices and applications, especially as more of them exist outside of the traditional corporate perimeter. With employees consistently working remotely, advers[…]

With chaos seemingly surrounding us in security, it can be hard to cut through the noise. How do you detect and prioritize evolving threats and what tools should you use to address them? With new atta[…]

Alert overload is practically a given for security teams today. Analysts are inundated with new detections and events to triage, all spread across a growing set of disparate, disconnected security too[…]

On Feb. 23, 2022, a new wiper malware was reported targeting Ukraine systems The wiper destroys files on infected Windows devices by corrupting specific elements of connected hard drives CrowdStrike I[…]

The job for CIOs, CISOs and their security and IT teams may be more complex than ever in 2022. Ongoing support for hybrid workforces, coupled with the continued shift to the cloud, has expanded the th[…]

Extended detection and response (XDR) solutions deliver powerful capabilities to help security teams fight adversaries by increasing visibility, simplifying operations and accelerating identification […]

CrowdStrike continuously observes and researches exploit behavior to strengthen protection for customers Code execution techniques constantly target Windows, Linux and macOS operating systems Successf[…]

Remote working has exposed companies to greater levels of insider risk, which can result in data exfiltration, fraud and confidential information leakage CrowdStrike is a founding sponsor and lead con[…]

Adversaries are moving beyond malware and becoming more sophisticated in their attacks by using legitimate credentials and built-in tools to evade detection by traditional antivirus products. Accordin[…]

We are thrilled to announce the general availability of CrowdStrike's newest innovation: CROWDSTRIKE FALCON® XDR. Founded on our pioneering endpoint detection and response (EDR) technology and the pow[…]

The Cybersecurity and Infrastructure Security Agency (CISA) warns of potential critical threats similar to recent cyberthreats targeting Ukraine U.S. companies are advised to implement cybersecurity m[…]

Suspicious command lines differ from common ones in how the executable path looks and the unusual arguments passed to them Bidirectional Encoder Representations from Transformers (BERT) embeddings can[…]

Malware targeting Linux systems increased by 35% in 2021 compared to 2020 XorDDoS, Mirai and Mozi malware families accounted for over 22% of Linux-targeted threats observed by CrowdStrike in 2021 Ten […]

Organizations need to stay ahead of the ever-evolving security landscape. It’s no secret that Zero Trust security is crucial for successful endpoint protection. Due to the rapid transition to a remote[…]

Falcon adds a new feature that uses Intel hardware capabilities to detect complex attack techniques that are notoriously hard to detect. CrowdStrike’s new Hardware Enhanced Exploit Detection feature d[…]

CrowdStrike is proud to announce that Armis, Cloudflare and ThreatWarrior have joined the open CrowdXDR Alliance. The addition of these industry leaders enhances XDR with telemetry from cloud, network[…]

Log4Shell, the latest critical vulnerability, found in the Log4j2 Apache Logging Services library, poses a serious threat to organizations Active attempts to exploit the vulnerability were identified […]

Extended detection and response (XDR) is all the rage these days. It seems like almost every security vendor now claims to offer XDR functionality. But are those claims based in reality? The fact is t[…]

The CrowdStrike Falcon® platform achieves 100% attacks detected in new Advanced Security Test (EDR) from SE Labs This SE Labs test demonstrated that CrowdStrike’s Zero Trust module, Falcon Identity Th[…]

CrowdStrike wins the prestigious SE Labs “Best Endpoint Detection and Response” 2021 award. This marks CrowdStrike’s second consecutive year winning Best EDR from SE Labs, the highly regarded independ[…]

ECrime activities dominate the threat landscape, with ransomware as the main driver Ransomware operators constantly refine their code and the efficacy of their operations CrowdStrike uses improved beh[…]

CrowdStrike and Rockwell Automation have announced a partnership to help joint customers secure the expanded threat surface of the industrial control systems (ICS) and operational technology (OT) cont[…]

Golang malware popularity snowballs, increasing by 80% from June to August 2021 eCrime turns to Golang because of its versatility, enabling cross-compiling for other operating systems Cryptocurrency m[…]

Noisy alerts caused by an increased number of rules for detecting malicious behavior overburden security analysts. Alert fatigue happens when an overwhelming number of alerts desensitize the security […]

“CrowdStrike's cloud platform, Falcon, and lightweight agent have rated well with enterprises that are under attack and must deploy rapidly across a large and diverse endpoint footprint.”1 According t[…]

CrowdStrike Falcon® receives new recognition from AV-Comparatives, a prestigious independent third-party testing institution In AV-Comparatives Real-World Protection Test, Falcon achieved 99.7%, and z[…]

Popular NPM package with over 7 million weekly downloads was compromised and used to distribute cryptocurrency miners and password stealers NPM library is used by developers to publish and download no[…]

What is efficacy, and why are independent tests necessary? What is the difference between MITRE ATT&CK® TTPs and the cyber kill chain? How can I distinguish between benign and malicious techniques? Ho[…]

We are thrilled to announce that Forrester named CrowdStrike a “Strong Performer” in The Forrester New Wave™: Extended Detection And Response (XDR) Providers, Q4 2021, its New Wave market evaluation o[…]

This announcement is part of the Fal.Con 2021 CrowdStrike Cybersecurity Conference, Oct. 12-14. Register now for free to learn all about our other exciting new products and partnerships! Our mission a[…]

This announcement is part of the Fal.Con 2021 CrowdStrike Cybersecurity Conference, Oct. 12-14. Register now for free to learn all about our other exciting new products and partnerships! Security pros[…]

This announcement is part of the Fal.Con 2021 CrowdStrike Cybersecurity Conference, Oct. 12-14. Register now for free to learn all about our other exciting new products and partnerships! When it comes[…]

Automation is on the rise, with more organizations using digital workers — or software “robots” — to take on mundane repetitive tasks, to automate business processes and to streamline operations. As a[…]

CrowdStrike is excited to announce a newly formed global partnership with Verizon to bring to market integrated cybersecurity, managed services and risk management capabilities that empower customers […]

There’s no stopping when it comes to scaling your business, so why should your security remain stagnant? With your organization constantly expanding and your IT and security stack increasing in tools,[…]

2017 Magniber ransomware makes a comeback using the same methods: exploiting unpatched vulnerabilities on South Korean victims In July 2021, CrowdStrike identified Magniber ransomware attempting to us[…]

The concept of Zero Trust has recently gained popularity, as the global pandemic has fundamentally changed many aspects of work and business, including cybersecurity. Organizations of all sizes are be[…]

We’re proud to be a Titanium Sponsor for Black Hat USA 2021, Aug. 2-5, and we have lots in store, both in person and virtually. If you’ll be onsite in Las Vegas, stop by Booth #1836 for a chance to ge[…]

The new award demonstrates the ability of the CrowdStrike Falcon® platform to protect against real-world threats using the power of machine learning and behavioral detection CrowdStrike is committed t[…]

CrowdStrike Falcon® Pro™ for Mac recently won a fourth consecutive Approved Security Product award from leading independent testing organization AV-Comparatives, achieving 99.8% Mac malware protection[…]

This blog was originally published March 20, 2020 on humio.com. Humio is a CrowdStrike Company. This week, John talks with Miguel Adams, a Security Engineer at a US government agency. Miguel shares hi[…]

Kaseya, makers of popular IT software used by managed service providers (MSPs), was recently affected by a REvil ransomware attack CrowdStrike associates REvil ransomware to the PINCHY SPIDER threat a[…]

For years, ransomware was a nuisance that impacted individuals who were unfortunate enough to encounter it via banking trojans, exploit kits or phishing attacks and resulted in a large number of small[…]

The CrowdStrike Services team is excited to announce the release of AutoMacTC 1.2.0 to the community. AutoMacTC was originally released in March 2019 to help incident responders investigate intrusions[…]

Right from Day One, CrowdStrike has embraced a partner-first and community driven approach to protect customers against modern cyberattacks. It’s no secret that CrowdStrike has built a strong, diverse[…]

Countless headlines report what we already know all too well: No matter how advanced cybersecurity prevention tools are, with enough motivation, time and resources, adversaries will eventually devise […]

CrowdStrike analysts recently began researching and leveraging User Access Logging (UAL), a newer forensic artifact on Windows Server operating system that offers a wealth of data to support forensic […]

Recent high-visibility ransomware attacks — such as the disruption of a major U.S. East Coast fuel pipeline caused by DarkSide ransomware — underscore how critical it is for companies to protect thems[…]

CrowdStrike has long emphasized the importance of identifying, triaging and remediating threats in line with our 1-10-60 framework. This framework is designed to provide a benchmark for security teams[…]

Every security operations center (SOC) is different and has unique traits; however, most share similar challenges. Each SOC has its own set of security tools, some use internal or external expertise, […]

The year 2020 will be known as one of hyper-accelerated digital transformation, marked by organizations delivering many years’ worth of migrations and implementations over an accelerated time period. […]

Greenhill, an investment bank with global clients, estimates it has reduced alerts by 75% and saved $300,000 annually following deployment of CrowdStrike Falcon®️ products. Early on, its CIO knew the […]

The evolution of today’s remote workforces requires organizations to establish comprehensive and reliable cybersecurity strategies and operations to stay on top of the increasingly complex cyber risk […]

AAA rating In Q1 SE Labs Enterprise Endpoint Protection report 100% legitimate accuracy rating 100% protection against targeted attacks Track record of 10 AAA ratings in SE Labs Enterprise Endpoint pr[…]

MacOS is ubiquitous in enterprise environments, with no signs of slowing down. Recent IDC analysis shows macOS devices have reached a whopping 23% utilization in enterprises (with 1,000+ employees) du[…]

Virgin Hyperloop, a global startup with a world-changing mass transit vision and the intellectual property (IP) to make it happen, remediates “no malware whatsoever” after deploying CrowdStrike Falcon[…]

How will your security team react when a sophisticated adversary has you in their sights? Will your team act in time to stop the breach? In last year’s MITRE Engenuity ATT&CK® Evaluation vs. COZY BEAR[…]

With cloud adoption surging and workforces becoming increasingly remote, it is more critical than ever for organizations to maintain comprehensive real-time visibility of their digital assets — regard[…]

The third round of the MITRE Engenuity ATT&CK® Evaluation program has been released, highlighting once again that CrowdStrike customers are protected in the face of adversaries operating in the real w[…]

Ransomware is hardly new, but several recent high-profile cases underscore that it not only remains a persistent threat, it’s also a growing one. The “great pivot” to remote work in 2020 increased the[…]

In our interconnected world, the growth of threats to industrial control systems (ICS) and operational technology (OT) continues to rise, putting organizations and critical infrastructure at risk of a[…]

With today’s workforce moving outside of the physical office, modern security architectures have moved away from the “hard exterior, soft interior” model where there is a well-defined perimeter that i[…]

If all threats were equal, it might be possible to make the entire remediation process autonomous. But all cybersecurity professionals know that threats and incidents vary in complexity and potential […]

As attack surfaces grow and threats become more sophisticated, your SOC team is challenged with detecting, understanding and containing an attack faster than ever to protect the organization from crit[…]

“I’ve looked at a number of them. Falcon Complete is the most complete security model I’ve seen.“ — CISO, Building Products What benefits are you seeing for your cybersecurity investments? Are they wo[…]

There’s another alert. It’s the 587th one that your security operations center (SOC) has received just today. Is it a threat actor working their way through your enterprise, an attack that was success[…]

Read about the acquisition of Humio here. People in our industry joke about buzzword bingo when attending a conference or listening to a vendor presentation. Some of the best and worst buzzwords are a[…]

Organizations face a myriad of risks brought about by the digital transformation of their business. These risks include digital fraud, data theft exposure, social media impersonations and phishing att[…]

A new, significant vulnerability was recently discovered, hiding in plain sight. CVE 2021-3156, also known as Baron Samedit, is considered potentially serious. The Cybersecurity & Infrastructure Secur[…]

At CrowdStrike, our mission is to stop breaches. For us to be successful in our mission, not only do we rigorously test our product internally against the latest real-world threats discovered by the C[…]

There’s nothing like the pressure incident responders encounter when an attacker attempts to breach their organization. They often struggle with numerous tools and manual, time-consuming efforts to co[…]

This blog is primarily aimed at software development engineers in test (SDETs) who are testing Java applications, specifically focusing on how they can tackle an encapsulated, tightly coupled project […]

This year, Apple announced a major overhaul of macOS calling it “the biggest update to design in more than a decade.” The version number jumped from macOS 10.x to 11.0, and it touches every element of[…]

CrowdStrike is thrilled to be attending the AWS re:Invent 2020 virtual event as an AWS Partner Network (APN) sponsor and delighted to be named as a launch partner for the recently announced AWS Networ[…]

CSOs, CISOs and security professionals everywhere are contending with a “new normal” due to the global pandemic. Employees are increasingly working from home, an abrupt and often unplanned shift for m[…]

This eye-opening discussion exposes the real threats targeting global election processes and, more broadly, democracies around the world. Shawn Henry, CrowdStrike Chief Security Officer and President […]

Fal.Con 2020 is almost here, and the Fal.Con 2020 virtual experience has already started! You can now log in to the event environment to customize Fal.Con according to your interests and goals — build[…]

Proving safety is challenging in any industry, whether you’re talking about automobiles, baby furniture or protective helmets. It requires special equipment and knowledge around how things can fail in[…]

A serious and potentially dire patch warning has been issued by the Department of Homeland Security (DHS) advisory team, the Cybersecurity and Infrastructure Security Agency (CISA). The alert, labeled[…]

The global pandemic has security pros everywhere grappling with a “new normal.” As if more staff suddenly working remotely hasn’t been enough to deal with, many infosec conferences have gone virtual, […]

The following is an article that was originally published in Intelligent CIO Magazine and is republished here with its consent. With cybercriminals intent on exploiting organizations to regain access […]

CrowdStrike continues to deliver a variety of innovative solutions from trusted technology partners, and we’ve just added three new applications from Illumio, Obsidian and SecurityAdvisor. These appli[…]

Black Hat 2020 will be a virtual event for the first time in its 23-year history, and CrowdStrike is thrilled to be a Titanium sponsor for this iconic conference. Even though this year’s event is virt[…]

As organizations deal with newly remote workers and business uncertainty, prevention is more important than ever. Cyberattackers are looking to capitalize on the current climate and seek vulnerabiliti[…]

Throughout 2019 and the beginning of 2020, the CrowdStrike® Falcon CompleteTM team continuously observed a spike in the delivery of weaponized disk image files. Files such as ISO and IMG were sent to […]

For many organizations, the rapid transition to an entirely remote workforce due to shelter-in-place orders has brought on a slew of sudden and profound cybersecurity challenges. On one hand, organiza[…]

We did it again. In the May 2020 Gartner Peer Insights “Voice of the Customer” Endpoint Detection and Response Solutions (EDR), CrowdStrike is once again the highest-rated vendor based on overall rati[…]

One of the biggest challenges facing security investigators is creating a full picture of a threat, piecing together disparate pieces of information that may occur across a range of time and hosts. At[…]

With offense-focused methodologies being created around “living off the land” and “bring your own land,” we would like to cover a somewhat overlooked concept: “staying off the land.” This simple conce[…]

A new on-demand webcast, “Cybersecurity in the Time of COVID-19,” features CrowdStrike® CTO Mike Sentonas, VP of Intelligence Adam Meyers and Sr. Director of Product Management Brian Trombley as they […]

Due to the global COVID-19 pandemic, an increasing number of workers are sequestered at home while continuing their regular duties using online collaboration tools. Cybersecurity has become a primary […]

While cybersecurity professionals continue to make huge strides in protecting organizations, all the technology in the world can’t completely protect users and assets — it also requires caution and co[…]

“Customers buy an EDR solution for its detection capabilities, and there simply are no other vendors in the space that have an intelligence organization of CrowdStrike’s scale to enable the developmen[…]

Extraordinary times call for extraordinary responses. As companies around the world respond to the challenge posed by COVID-19 by recommending or requiring remote work for employees, CrowdStrike wants[…]

Microsoft recently disclosed a critical vulnerability (CVE-2020-0601) that could be leveraged for a wide range of malicious actions including spoofing trusted websites or software. The word “critical”[…]

An on-demand webcast featuring CrowdStrike Sr. Engineer Zeki Turedi and Mercedes-AMG Petronas Head of IT Matt Harris details why speed, just as in Formula One racing, is a critical element in effectiv[…]

Organizations face enormous challenges in prioritizing, understanding and responding quickly to a deluge of alerts triggered by a wide range of modern threats. CrowdStrike’s new CrowdScoreTM capabilit[…]

In the latest Customer’s Choice recognition for endpoint protection platforms (EPP), CrowdStrike has the highest overall rating among vendors named a November 2019 Gartner Peer Insights Customers’ Cho[…]

A new survey conducted by Lloyds Banking Group reveals that improving cybersecurity ranks as the top concern for banks, edging out last year’s priorities of reducing operating costs and improving cust[…]

A new report from independent research firm Vanson Bourne titled The 2019 Global Security Attitude Survey studies how organizations assess their cybersecurity readiness in the face of an increasingly […]

The CrowdStrike® Store continues to execute on its vision of extending the power of the Falcon platform for our customers and partners. Today, we are proud to announce an exciting lineup of new third-[…]

CrowdStrike® continues to demonstrate its commitment to protecting our customers by introducing new innovations and additions to the CrowdStrike Falcon®® platform — the leading cloud-native cybersecur[…]

Payback Period of Under Three Months “CrowdStrike delivers superior exploit and behavioral detection capabilities, and its OverWatch service provides proactive threat hunting to uncover the most steal[…]

Gartner just released its 2019 Critical Capabilities for Endpoint Protection Platforms (EPP) report, showing CrowdStrike® with the highest overall score out of 20 vendors for Type A use case. Type A o[…]

Marsh, one of the world’s leading insurance broker and risk adviser, has named CrowdStrike® as a recipient of its first-ever “Cyber Catalyst" designations. CrowdStrike achieved designations for Falcon[…]

CrowdStrike secures the highest possible score in seventeen criteria and the top score overall in the strategy category. “CrowdStrike has the most fully featured endpoint security suite with an EDR li[…]

Traditionally, information technology (IT) and operational technology (OT) environments have been separate, with their networking and security requirements managed by two different teams within the or[…]

A recent article in CSO Australia by David Braue is titled “Businesses Risk Becoming “Collateral Damage” in Nation-State Cyber Wars.” The author interviewed CrowdStrike CSO Shawn Henry on why organiza[…]

We are thrilled and honored to be positioned as a “Leader” in the 2019 Gartner Magic Quadrant for Endpoint Protection Platforms (EPP). This recognition from Gartner, which we believe is among the most[…]

We are thrilled that the CrowdStrike Falcon®® platform continues to receive stellar evaluations in third-party testing. Our recent participation in several highly-regarded industry evaluations reflect[…]

Stealthy and Powerful CrowdStrike frequently observes adversaries using valid account credentials across the attack lifecycle. In fact, credential dumping, an illegal way to obtain account credentials[…]

Sometimes we humans are faced with problems so pervasive and persistent that it is difficult to even recognize them as problems. We assume the situation cannot be improved and simply fail to seek a re[…]

Dr. Sven Krasser, CrowdStrike® chief scientist, has called machine learning (ML) the first line of defense against modern threats. That statement, which he made a couple of years ago, is even truer to[…]

This article originally appeared on InformationWeek.com and is published here with their permission. As security breaches continue to impact the bottom lines of major businesses and institutions aroun[…]

The Challenge The increasing sophistication and frequency of adversary infiltration and exploit attacks has forced many organizations to play a continuous high-stakes version of “whack-a-mole” with th[…]

A recent article on Dark Reading by CrowdStrike VP of Intelligence Adam Meyers is titled “The Big E-Crime Pivot.” It puts forth the argument that cybercriminals “have begun to recognize that enterpris[…]

This article appeared in Security Brief, New Zealand and is republished here with their permission. Mobile phones have a huge impact on the day-to-day lives and the way one communicates with the world[…]

This article, “Life Beyond Malware,” originally appeared on ITProPortal and is published here with their permission. The traditional cybersecurity model is an outdated one, focused on building up the […]

“The endpoint protection market is undergoing its biggest transformation in the last 20 years.” — Gartner, the leading research and advisory company worldwide In a recent report titled, “Prepare for E[…]

An article on CSO India titled “Cyber Espionage Shows No Signs of Slowing Down,” by Soumik Gosh, presents CrowdStrike® VP of Technology Strategy Mike Sentonas’ views on the growth of espionage as an o[…]

This article was originally published on CSO, April 30, 2019 If you’re living off the land, there are a few different methods you can use to survive, but you need to use what you find where you are. Y[…]

A new on-demand webcast features CrowdStrike Vice President of Managed Services Austin Murphy, and Sr. Product Director Con Mallon as they discuss how organizations can leverage technology and speed t[…]

Update: CrowdStrike's 2020 Global Threat Report is now available. Download the report to stay ahead of today's adversaries. The CrowdStrike® 2019 Global Threat Report: “Adversary Tradecraft and the Im[…]

In this blog, former ADP Staff Vice President and Chief Security Officer Roland Cloutier discusses why ADP chose the CrowdStrike Falcon® platform and explains the powerful advantages the CrowdStrike® […]

What in the world does stopping breaches have to do with Formula One™ racing? Quite a bit, actually. As a long time follower of Formula 1™ racing, I am excited by CrowdStrike's partnership with Merced[…]

Gartner just published its Gartner Peer Insights "Voice of the Customer" for Endpoint Protection Platforms report and CrowdStrike® is the highest-rated vendor (4.9 out of 5). Gartner Peer Insights is […]

The popularity of legitimate cryptomining is being challenged by the rise of cryptojacking — its criminal cousin. The earning potential of a successful cryptojacking attack has made it an attractive p[…]

Media coverage of cybersecurity breaches would lead us to believe that sophisticated, targeted attacks are reserved for well-known enterprise organizations. Searching the Internet for data breaches of[…]

Social engineering continues to be exploited by hackers and feared by security teams. Due to attackers’ subtlety and users’ natural curiosity, hackers succeed daily in baiting users to click on a link[…]

An edited version of this blog was published as an article in Teiss on December 12, 2018. Graph databases are having a bit of a moment in cybersecurity. With recent releases from industry juggernauts […]

CrowdStrike delivers the most proactive detections, visibility, and context in MITRE ATT&CK™ Evaluation testing. At CrowdStrike, we believe strongly in third-party product testing and evaluations. Sin[…]

The MITRE ATT&CK™ framework is an ambitious initiative that is working to bring clarity to how we talk about cyberattacks. CrowdStrike® is proud to support MITRE’s efforts to bring standardization to […]

We are excited about some fantastic recognition we received today, when CrowdStrike® was named in the 2018 Gartner Peer Insights Customers’ Choice for Endpoint Protection Platforms. Although the Gartn[…]

This article was first published on November 4, 2018 in The Security Ledger and is republished with permission. Skilled operators make all the difference in incident response and threat hunting. With […]

Image above is a screenshot of the CrowdStrike CVE-2018-4407 dashboard for macOS (click for larger image) The recent discovery of the Remote Code Execution (RCE) vulnerability CVE-2018-4407 in Apple’s[…]

Mac enterprise networks are not as common as Windows environments. As a result, detailed information about targeted adversary intrusions against Mac networks is somewhat limited compared to other oper[…]

While there is much discussion today about potential weaknesses in the hardware supply chain, given the recent attacks attributed to China, the software supply chain has already proven to be vulnerabl[…]

PowerShell is a scripting language originally designed to automate Windows administrative tasks. In addition to running its native commands, it can call DLL functions, access any .NET framework type o[…]

CrowdStrike® recently recognized several of its valued customers as winners of the first CrowdStrike Customer Excellence Awards. They were announced on September 19 at the Fal.Con POWER UP 2018 cybers[…]

CrowdStrike® is proud to announce today that it has officially received Federal Risk and Authorization Management Program (FedRAMP) authorization for the CrowdStrike Falcon® on GovCloud solution. Crow[…]

Since its inception as Qatar’s first private bank in 1974, Commercial Bank has forged a reputation for growth and innovation to attract sophisticated customers in one of the world’s most affluent nati[…]

An on-demand CrowdStrike® webcast titled “Security at the Speed of DevOps” offers an in-depth examination of the security implications that accompany organizations’ rapid adoption of DevOps as they re[…]

As CrowdStrike® continues its mission of stopping breaches by harnessing the cloud to deliver the most powerful and effective cybersecurity on the planet, I’m excited to share with you the incredible […]

A new global software supply chain survey from CrowdStrike®, conducted by independent research firm Vanson Bourne, reveals that cyberattacks are increasingly targeting the software supply chain, creat[…]

"CrowdStrike understands and articulates the problem of combating sophisticated actors better than anyone." We've always known that to be true, now Forrester has confirmed it. These are the exact word[…]

The Buyer’s Dilemma It’s no secret that cybersecurity has become a crowded marketplace, particularly in the last several years. The endpoint protection market, for instance, now has more than 140 vend[…]

Gartner just released its inaugural Critical Capabilities for Endpoint Protection Platforms (EPP) report, showing CrowdStrike® with the highest overall score, out of 21 vendors for use case Type A or […]

Guest blogger Steve Chabinsky, former CrowdStrike General Counsel and Chief Risk Officer, now serves as Global Chair of the Data, Privacy and Cybersecurity practice at White & Case LLP. For those not […]

From the very beginning, CrowdStrike® set out on its mission to stop breaches by harnessing the power of the cloud. The cloud has transformed the IT landscape, allowing customers to deploy new service[…]

There is a sea change underway in the security industry. Organizations are moving away from legacy antivirus (AV) solutions because they are too slow, too complex and ultimately ineffective against mo[…]

Part 1 of this series, “The Business Perspective,” examined how to build a cybersecurity capability from the ground up by starting with the basic governance aspects of information security. It explain[…]

A new article by CrowdStrike Director of Product Marketing Scott Taschler, published on Dark Reading, discusses how the key metric known as “breakout time” sets the bar for how quickly security teams […]

“Where should I invest in security if I’m starting from scratch?” That’s a question CrowdStrike Services clients frequently ask us. We hear it from small businesses trying to weave security into their[…]

Formbook is a tool that has been available for purchase from criminal forums for several years — it’s used to steal information from a victim’s environment. Recently CrowdStrike® Falcon Intelligence™ […]

The impending enforcement of the General Data Protection Regulation (GDPR) on May 25, 2018 has many organizations scrambling to ensure compliance before the clock runs out. Since cybersecurity will be[…]

In a recent article on LinkedIn titled, “Addressing The Third Generation of Cyber Conflict,” CrowdStrike CTO and Co-founder Dmitri Alperovitch offers his analysis of the evolution of cyber conflict, d[…]

Since the inception of the CrowdStrike Falcon® platform, an API-first approach has always been a key strategy for providing customers with a robust solution that can easily integrate into any existing[…]

Technology expert and author Dan Woods has published a series of articles in Forbes magazine that explore how companies can build effective, balanced cybersecurity portfolios. In his latest article in[…]

Click here for larger image The Spectre-Meltdown CPU design flaws continue to make news. CrowdStrike® security expert Alex Ionescu addressed these flaws in a recent blog, explaining that Spectre-Meltd[…]

A recent report from IT research and analysis firm Gartner offers new insights and perspective on the current state of endpoint security. In its report, titled “Redefining Endpoint Protection for 2017[…]

For almost two decades, the world of endpoint security was business as usual. Early on, the products worked pretty well, but in the past two years, the market started to change. As the bad guys found […]

This blog originally appeared as an article in PC World on October 13, 2017, written by Michael Sentonas, VP Technology, CrowdStrike®. It is reproduced with their permission. In the last 12 months, 60[…]

The Health Insurance Portability and Accountability Act (HIPAA) has big consequences for organizations of all sizes. Companies and institutions that don’t guard employees’ healthcare data may be subje[…]

A recent interview with CrowdStrike VP of Product Marketing Dan Larson, for the CyberWire Daily Podcast, focuses on “zero-day” attacks and how organizations can prepare for these stealthy and damaging[…]

Robin Jackson, principal consultant for CrowdStrike, has had extensive experience investigating some of today’s most prolific threat actors. He’s also done security research for a number of organizati[…]

A recent article in Information Age, titled “As the digital and physical worlds collide it’s time for a security refresh,” offers cybersecurity readiness advice from Mike East, CrowdStrike’s vice pres[…]

CrowdStrike® added a prestigious award to its many achievements when CEO and co-founder, George Kurtz, was named Ernst & Young (EY) Entrepreneur of the Year in the security category for Northern Calif[…]

Computer Business Review recently published an interview with CrowdStrike® Chief Scientist Dr. Sven Krasser, “Machine learning in cybersecurity: The first line of defense against modern threats,” in w[…]

Decluttering Your IT “Desk” There is an old adage that claims “a messy desk is the sign of genius.” Although many of us desk jockeys live by this creed, applying the “pile-system” (organization by cre[…]

One of the findings in the 2017 Verizon Data Breach Investigations Report (DBIR) is that only 51 percent of cyberattacks involve malware. The remaining 49 percent represent a major vulnerability conce[…]

SANS Institute analysts have published a review of the CrowdStrike Falcon® platform, offering valuable third-party insight into Falcon capabilities to protect organizations from today’s most dangerous[…]

The trouble with dwell time Dwell time, the period between when an attack occurs and when it is discovered, continues to be a serious problem for security professionals. The most recent Ponemon cost o[…]

Blog updated: May 14th In this screenshot example from the Falcon UI, the detection process tree shows that the malicious file associated with WannaCryptor was launched from explorer.exe. The global r[…]

Although machine learning (ML) isn’t a new concept — it actually dates back to the origins of the computer itself — it has received more attention lately as cybersecurity vendors increasingly extol it[…]

Though PCs still dominate the workplace, Macs continue to gain ground as the platform of choice for many organizations. As an indication of this growing Mac popularity, an article in Computerworld sta[…]

Organizations have long been aware of their vulnerability when it comes to email and yet phishing scams continue to be profitable, as criminal hackers develop more sophisticated methods for thwarting […]

Recent reports of SCADA/ICS proof-of-concept ransomware have spurred fresh discussion on the topic. Few threats exceed the level of concern that ransomware generates in the minds of corporations. Ther[…]

A recent article on DarkReading.com, titled “4 Reasons Why You Should Take Ransomware Seriously,” outlines the persistence of ransomware as a significant threat to organizations, and explains why it w[…]

"Visionaries not only believe that the impossible can be done, but that it must be done." — Bran Ferren. I am thrilled to announce that Gartner has named CrowdStrike a “Visionary” in the 2017 Magic Qu[…]

Earlier this year, CrowdStrike released Falcon Orchestrator as a contribution to the open source community. By leveraging the robust Falcon Connect API ecosystem, organizations can easily extend the F[…]

Benjamin Franklin wisely stated that, “An ounce of prevention is worth a pound of cure.” In keeping with this timeless principle, one can’t help wondering what is required to provide appropriate preve[…]

“Twofer” has entered into the lexicon of everyday use. The Urban Dictionary defines it as the opportunity to receive the value of two, for the price, effort or quantity of one. Who wouldn’t find that […]

Security teams in the private and public sector are increasingly recognizing the need to actively “hunt” for threats targeting their organizations. Larger, well resourced organizations may have the ab[…]

Leading analyst firm Gartner has recently published a comparative assessment called Comparison of Endpoint Detection and Response Technologies and Solutions*. This is the first direct competitive anal[…]

For the last few years, the security industry has become very enamored with Indicators of Compromise (IOCs) as a way to detect targeted intrusions and adversaries that are flying right past traditiona[…]

All too often, I hear from executives of large and small organizations that aside from targeted attacks, impact from ransomware is their number one concern. That impact was starkly highlighted earlier[…]

Introduction For as long as there have been people using the World Wide Web, criminal groups have tried to extort money for performing or withholding some type of action. One of the earliest threats w[…]

Across all of the nation-state targeted attacks, insider thefts, and criminal enterprises that CrowdStrike has investigated, one thing is clear: logs are extremely important. Event logs from individua[…]

It can be difficult to distinguish between “next-generation” endpoint security solutions currently available. Usually the technology lags marketing by a significant margin, and the marketing mostly so[…]

A comprehensive Next-Generation Endpoint Protection strategy shouldn’t just be about reacting and responding to threats, but also be complemented by the ability to prevent such threats from successful[…]

When you’re in charge of protecting not only your company’s critical business information, but also that of your company’s customers, there’s no option for a security breach. Brian Kelly, Chief Securi[…]

April is an unbelievably busy month for IT security professionals. In addition to daily online combat with bears, kittens, pandas, and other adversaries, this month is full of security conferences. Fr[…]

Introduction The Chopper Web shell is a widely used backdoor by Chinese and other malicious actors to remotely access a compromised Web server. Deployment of the Chopper shell on the server is fairly […]

Corporations suffered more cyber attacks in 2014 than ever before, causing the loss of business intelligence and personally identifiable information at an alarming rate. As a result, confidentiality i[…]

Many of my team members know that one of my favorite parts of running CrowdStrike is meeting with customers. It’s always fascinating to hear from customers about the challenges they face on a day-to-d[…]

Over the past year, the security industry has seen a renewed interest in Machine Learning and related techniques. The increased availability of threat and intelligence feeds has contributed to this tr[…]

In this blog post, we’ll take a look at an example of a typical targeted attack with OS X malware as well as discover how to hunt for it in CrowdStrike’s Falcon Endpoint Activity Monitoring (EAM) appl[…]

Recently, while analyzing a targeted attack, CrowdStrike observed an interesting code invocation technique that we want to describe here. This particular technique can be used to invoke code that has […]

Attending Black Hat USA 2013? From briefings and trainings to adversary detections and book signings, CrowdStrike will be there in full force! See below for a full list of events to see CrowdStrike in[…]