Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

CrowdStrike Falcon Adversary Overwatch: ► Detect adversaries hiding in your blind spots. Falcon Adversary Overwatch exposes threats targeting network edge devices—firewalls, routers, and infrastructure traditional security tools can’t see. Watch the demo to see how CrowdStrike detects OPERATOR PANDA in real time and stops edge-driven intrusions that quickly turn into credential theft and identity abuse before they escalate.

Adversaries exploit MFA fatigue and identity gaps to gain access. Watch how FalconID delivers security-first, phishing-resistant MFA built on the FIDO2 standard, tying authentication to a user’s enrolled device and informed by real-time risk signals across the Falcon platform.

Cloud environments have reshaped the way applications are built and the way attackers break in. Traditional security strategies centered on malware and compromised endpoints are no longer enough. In today’s cloud, adversaries increasingly rely on valid credentials, identity abuse, and native cloud capabilities to move laterally and establish persistence without ever deploying malware.

Attackers don’t break in, they log in—exploiting weak MFA with phishing and fatigue tactics. Watch how FalconID delivers security-first, phishing-resistant MFA built on FIDO2 standards and bound to the user’s trusted device.

Discover how CrowdStrike Falcon Cloud Security stops breaches with Cloud Detection & Response (CDR). Witness our Real-Time Cloud Detections in action as we identify and mitigate a sophisticated attack by LABYRINTH CHOLLIMA. Learn how our integrated threat intelligence and unified detection & response capabilities help SOC teams outpace modern cloud adversaries.

Adversaries are accelerating their tradecraft, exploiting configuration drift and operational blind spots before teams can respond. Falcon for IT transforms the CrowdStrike Falcon Platform into the unified operational engine of the enterprise, turning visibility into governed, enterprise-scale action.

It’s that time of year: The CrowdStrike 2026 Global Threat Report is live, and Adam and Cristian are here to break down the key findings. This year’s report spotlights adversaries’ heightened speed, their evolving use of AI, an increase in activity from China and North Korea, and the growth of supply chain attacks, zero-day exploitation, and cloud targeting. For new listeners, the annual Global Threat Report delivers an analysis of the modern threat landscape based on CrowdStrike's frontline observations and real-world threat intelligence from the previous year.

Your next software update could be weaponized. In this short breakdown, we examine how adversaries compromised the Notepad++ update mechanism to distribute malware and how CrowdStrike identified the activity four months before public disclosure.

Adversaries are weaponizing AI, accelerating tradecraft and moving from access to impact at machine speed. As breakout times collapse to seconds, security teams cannot rely on manual processes or static automation to keep up. Meet the CrowdStrike Agentic SOC, a new operating model built for the AI era.

Did you know there may be a blind spot in your network right now? Firewalls, routers, and edge devices often generate minimal logs by default, creating visibility gaps that adversaries can exploit. In this breakdown, we examine how a China-nexus threat group known as Operator Panda leveraged vulnerable network devices to gain access, establish persistence, and remain undetected even after patches were applied.

Your AI tools just became the perfect hiding spot for hackers. Cybercriminals have found a new attack vector: weaponizing the AI assistants your team uses every day. In this live demonstration, we show how adversaries can turn tools like Claude into persistent backdoors and how CrowdStrike Falcon stops them cold. TIMESTAMPS: WHAT YOU'LL LEARN:– How hackers exploit AI automation features to create backdoors– Why password resets and patches won't stop this attack– How behavioral detection catches threats hiding in legitimate tools– Real-time threat prevention in action.

See how CrowdStrike Falcon Next-Gen SIEM enables security teams to deploy log collectors instantly via the Falcon Sensor—without relying on traditional software distribution processes. In this demo, you’ll learn how to create a Log Collector Policy, automatically install collectors across host groups, validate installation through Falcon telemetry, and centrally manage third-party data ingestion from Fleet Management.

See how CrowdStrike Falcon Fusion SOAR Test Mode lets security teams validate workflows instantly—without live alerts or production risk. You’ll learn how to run playbooks end-to-end using past events or mock data, safely test high-cost actions like LLM analysis, and debug logic with full visibility. With built-in transform testing and mock inputs, Test Mode speeds up automation and reduces errors for faster, safer deployment.

As adversaries accelerate with GenAI and blend into legitimate cloud activity, real-time correlation between telemetry and control plane events is critical. Without it, investigations stall and visibility gaps grow. CrowdStrike delivers real-time detections and automated cloud-native response to stop adversaries in seconds. Subscribe and Stay Updated.

Threat hunting is hard to define, but Brody Nisbet, Sr. Director of CrowdStrike OverWatch, breaks down the basics in an episode that starts with the CrowdStrike OverWatch mission and dives into his stories from the front lines of threat hunting.

CrowdStrike Falcon Adversary Overwatch: ► Detect adversaries hiding in your blind spots. Falcon Adversary Overwatch exposes threats targeting network edge devices—firewalls, routers, and infrastructure traditional security tools can’t see. Watch the demo to see how CrowdStrike detects OPERATOR PANDA in real time and stops edge-driven intrusions that quickly turn into credential theft and identity abuse before they escalate.

Falcon Cloud Security Cloud Risk Rules correlate insights across your cloud environment to identify potentially dangerous states and combinations, even when individual findings appear low-severity in isolation amid the countless security risks your cloud infrastructure faces every day.

Agentic AI is moving fast into the enterprise — and with it comes new risk. OpenClaw is an open-source AI agent that can autonomously execute actions across systems, making it a powerful productivity tool and a potential enterprise backdoor if misconfigured or exposed.

Threat hunting no longer requires hours of manual research or specialized expertise. CrowdStrike Hunt Agent uses intelligence driven hunting guides and Charlotte AI to automatically detect and analyze suspicious activity in your environment. See how analysts gain instant expert insight prioritize real adversaries and uncover threats before they become incidents.

See how the Malware Analysis Agent automates complex analyst workflows, delivering actionable insights and scaling defenses across malware families.