Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

August 2022

Defense Against the Lateral Arts: Detecting and Preventing Impacket's Wmiexec

Impacket’s wmiexec.py (“wmiexec”) is a popular tool used by red teams and threat actors alike. The CrowdStrike Services team commonly sees threat actors leveraging wmiexec to move laterally and execute commands on remote systems as wmiexec leverages Windows native protocols to more easily blend in with benign activity.

Getting Started Guide: Falcon Long Term Repository

Limited data retention resulting from financial or technological constraints makes it hard for security teams to see the complete history of an attack. This lack of full context about a threat — or a potential threat — eventually catches up with organizations, leading to longer dwell times and increased risk of a breach.

The Anatomy of Wiper Malware, Part 2: Third-Party Drivers

In Part 1 of this four-part blog series examining wiper malware, we introduced the topic of wipers, reviewed their recent history and presented common adversary techniques that leverage wipers to destroy system data. In Part 2, CrowdStrike’s Endpoint Protection Content Research Team discusses how threat actors have used legitimate third-party drivers to bypass the visibility and detection capabilities of security mechanisms and solutions.

GitOps and Shift Left Security: The Changing Landscape of DevSecOps

Application developers have always had a tricky balance to maintain between speed and security, two requirements that may often feel at odds with each other. Practices that increase speed also pressure development teams to ensure that vulnerable code is identified and remediated without slowing development. As companies embrace digital transformation initiatives, the need to weave better security into developers’ workflows has only grown clearer.

CrowdStrike Wins Technology Innovation Leadership Award, Continues Dominance in Endpoint Security Market

CrowdStrike is proud to receive Frost & Sullivan’s 2022 Global Technology Innovation Leadership Award in the endpoint security sector. This recognition reflects CrowdStrike’s continued investment to drive innovation and deliver more value to its customers through its industry-leading Falcon platform.

Why XDR Should Be on Your Roadmap for SOC Success

Fighting modern adversaries requires having a modern security operations center (SOC), especially as organizations move to the cloud. To protect their estates against tomorrow’s threats, security professionals have often turned to more data sources and adding more security monitoring tools in their operations, both in the pursuit of maximizing their attack surface visibility and reducing time to detect and respond to threats.

The Anatomy of Wiper Malware, Part 1: Common Techniques

This blog post is the first in a four-part series in which CrowdStrike’s Endpoint Protection Content Research Team will dive into various wipers discovered by the security community over the past 10 years. Our goal is to review in depth the various techniques employed by wipers that target the Windows operating system.

Improving CrowdStrike Falcon Detection Content with the Gap Analysis Team

CrowdStrike is always looking for innovative ways to improve detection content for our customers. We believe a multifaceted approach that combines customer input, standardized testing and internal research is necessary to stop breaches today and in the future. At CrowdStrike, we never rest, because neither does the adversary.

Why XDR Must Start with EDR: Join the Discussion with CrowdStrike and Guest Forrester Research

In the cybersecurity industry, understanding the value and impact of the critical technology we use to keep organizations safe can often become lost in translation. This is undoubtedly the case with extended detection and response (XDR), where the continued misuse of the term has created more market confusion than clarity. The definition of XDR varies depending on who you ask.

Securing Our Nation: How the Infrastructure Investment and Jobs Act Delivers on Cyber Resiliency

Attacks and intrusions on our nation’s vital infrastructure — our electrical grid, water systems, ports and oil supply — are on the rise. For example, as reported by the Pew Charitable Trust in March 2021, hackers changed the chemical mixture of the water supply in Oldsmar, Fla., increasing by 100 times the level of sodium hydroxide (lye) in the water supply.