Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

October 2024

CrowdStrike Receives High Scores in 2024 Gartner Critical Capabilities for Endpoint Protection Platforms Report

This week, Gartner released its 2024 Gartner Critical Capabilities Report for Endpoint Protection Platforms (EPP) as a companion to last month’s 2024 Gartner Magic Quadrant for Endpoint Protection Platforms. We’re proud to share that CrowdStrike received the highest score in both the Core Endpoint Protection and Managed Security Services Use Cases in the 2024 Gartner Critical Capabilities Report for Endpoint Protection Platforms for the second consecutive time.

CrowdStrike Falcon Platform Supports Google Cloud's ARM-Based Axion CPUs

CrowdStrike is proud to announce cloud security support for Google Cloud’s first custom ARM-based processor, Axion, delivered by the unified, cloud-native CrowdStrike Falcon platform. This extends industry-leading protection to our customers with extensive coverage for Google Cloud environments. We are excited to collaborate with Google Cloud, which today unveils its new C4A Virtual Machines.

CrowdStrike Research Challenges Containerized Application Predictability Assumptions

Cloud workloads — and containers in particular — are often seen as immutable entities with predictable behavior. But recent CrowdStrike research suggests that some cloud security solutions rely too much on this premise, leading to suboptimal detection outcomes. CrowdStrike observes billions of container events each day. The data we collect gives us insights into real-world cloud workload behavior, which challenges these assumptions.

Falcon Identity Protection Lateral Movement: Demo Drill Down

When attackers gain valid credentials, they aren’t kicking down the door to your environment — they’re using the key. See how you can stop attackers from moving laterally in your environment and ensure legitimate access with Falcon Identity Protection.

Protect Your Weakest Link: New Account Linking Capabilities Use AI to Thwart Identity-Based Attacks

As networks become increasingly distributed, user identities are becoming a top adversary target. CrowdStrike’s 2024 Threat Hunting Report and 2024 Global Threat Report state 5 of the top 10 MITRE tactics we observed in 2023 were identity-based, and the CrowdStrike 2023 Threat Hunting Report noted a 583% year-over-year increase in Kerberoasting attacks. These findings illustrate how modern adversaries aren’t breaking in — they’re logging in.

Falcon Foundry: Build Custom Apps to Solve Tough Security Challenges

Not all security operation centers (SOCs) are equal. They have teams of different sizes, with varying skill levels, protecting a wide range of industries around the world. However, they have a few things in common — for one, they face many of the same threats, and many SOC teams struggle with the complexity of managing several disparate tools to detect and disrupt them. As the cybersecurity industry matures, SOC teams have more options to consolidate the security tools they use.

CrowdStrike + Fortinet: Unifying AI-Native Endpoint and Next-Gen Firewall Protection

In today’s fast-evolving cybersecurity landscape, organizations face an increasing barrage of sophisticated threats targeting endpoints, networks and every layer in between. CrowdStrike and Fortinet have formed a powerful partnership to deliver industry-leading protection from endpoint to firewall.

Top FAQs about CrowdStrike Falcon Next-Gen SIEM

CrowdStrike Falcon Next-Gen SIEM enhances security operations by integrating data, AI, workflow automation and threat intelligence into a single platform with a unified console and a lightweight endpoint agent. We continue to innovate in next-gen SIEM to power SOC operations, most recently with a series of product updates announced at Fal.Con 2024. But we’re not stopping there.

Enhancing Detection Fidelity: Fight Alert Fatigue with Accurate and Reliable Detections

In today's rapidly evolving cybersecurity landscape, the importance of detection fidelity cannot be overstated. Security operations center (SOC) teams are overwhelmed by the sheer volume and complexity of alerts and challenged to differentiate genuine threats from false positives.

U.S. Department of Justice Indicts Hacktivist Group Anonymous Sudan for Prominent DDoS Attacks in 2023 and 2024

Collaboration is critical to take down today’s most advanced adversaries. CrowdStrike regularly works with law enforcement agencies and industry leaders to identify, track and stop cyber threats. We recently cooperated with the Department of Justice as part of a broader effort to disrupt two individuals heavily involved in operating Anonymous Sudan.

Detecting Microsoft Entra ID Primary Refresh Token Abuse with Falcon Next-Gen SIEM

Microsoft Entra ID Primary Refresh Tokens (PRTs) are an attractive target for threat actors because they are long-lived, they are broadly scoped and they often don’t have additional multifactor authentication requirements after they are obtained. In this blog, we will discuss what PRTs are, how they are issued and how recently released research gives threat actors a new way to obtain them. Finally, we will examine how organizations can detect these attacks using CrowdStrike Falcon Next-Gen SIEM.

Small Business, Big Defense: Four Pillars of an Effective Cybersecurity Awareness Program

In today’s digital landscape, cybersecurity threats don’t take breaks — and neither should your small business. In fact, small and medium-sized businesses (SMBs) are prime targets, seen as easy prey due to their limited resources and often weaker security postures. But here’s the reality: Lack of resources doesn’t mean you lack options. SMBs can still build a robust defense against cyber threats without a massive security budget.

See Falcon for Mobile in Action

As mobile devices become vital to daily operations, adversaries target them as entry points into organizations. Traditional security solutions fall short in combating the rising risks posed by mobile threats. With 51% of organizations experiencing mobile app-related incidents and 64% facing significant risk from mobile devices, it's time to secure these endpoints with Falcon for Mobile, which delivers advanced threat detection and protection for both Android and iOS devices.

See Falcon Firewall Management in Action

As adversaries become more sophisticated, network security needs to be proactive and dynamic. Falcon Firewall Management provides a centralized solution to efficiently manage firewall rules across your endpoints. Experience real-time visibility, simplified rule enforcement, and powerful automation, all designed to strengthen your network defense while reducing complexity. Keep your organization protected with Falcon Firewall Management, ensuring that firewall policies are always up-to-date and ready to thwart any threat.

See Falcon Device Control in Action

In today’s threat landscape, even low-tech devices like USBs are being exploited by adversaries to launch attacks and steal data. Falcon Device Control offers comprehensive visibility and management of USB and peripheral devices, ensuring that unauthorized access is blocked and data exfiltration attempts are thwarted. With powerful policy enforcement and detailed monitoring, Falcon Device Control helps you safeguard all your endpoints across Windows and macOS systems, providing protection both online and offline.

See Falcon Prevent in Action

As adversaries evolve, so do their methods, leaving traditional antivirus solutions unable to keep up with modern threats. Falcon Prevent, CrowdStrike’s next-gen AV, leverages AI-powered Indicators of Attack and advanced memory scanning to detect and block even the most sophisticated attacks. With real-time visibility, unmatched threat intelligence, and comprehensive coverage across Windows, macOS, and Linux, Falcon Prevent ensures continuous protection both online and offline. Protect your organization with adaptive, AI-driven defense that evolves with modern adversarial techniques.

TDK Electronics Goes from Complexity to Confidence with CrowdStrike

TDK Electronics is a German manufacturer of electronic components, modules and systems. With more than 23,000 employees spread across 20 development and production sites worldwide, TDK serves a range of industries, including automotive, industrial and consumer electronics, IT and telecommunications.

CrowdStrike Named a Leader in the 2024 Forrester Wave: Attack Surface Management Solutions

CrowdStrike is proud to be named a Leader in The Forrester Wave: Attack Surface Management Solutions, Q3 2024. Our position as a Leader reinforces our belief that the rapid expansion of modern attack surfaces requires a powerful, unified solution — and CrowdStrike Falcon Exposure Management provides the critical capabilities modern organizations need.

CrowdStrike Named a Major Player in IDC MarketScape: Worldwide SIEM for Enterprise 2024

CrowdStrike is excited to announce we are named a Major Player in the IDC MarketScape: Worldwide SIEM for Enterprise 2024 Vendor Assessment. This marks our first appearance in a SIEM-focused analyst report since bringing CrowdStrike Falcon Next-Gen SIEM to market less than a year ago. We believe this milestone speaks volumes about our commitment to revolutionizing security operations.

CrowdStrike Empowers DevSecOps Teams to Strengthen and Streamline Cloud Security

Support for cloud security posture management (CSPM) misconfigurations: Our enhanced CSPM tools vigilantly monitor cloud infrastructures for misconfigurations, compliance violations and security gaps, providing complete visibility into security posture early in the development cycle and saving SecOps teams time.