Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

CrowdStrike is proud to be named a Leader and Fast Mover in the 2025 GigaOm Radar for Security Information and Event Management (SIEM). This recognition positions CrowdStrike Falcon Next-Gen SIEM as the core of the AI-native SOC and future of security operations. CrowdStrike earned perfect 5/5 scores in key areas including Attack Surface Coverage, LLM-Based Co-Pilot and Agents, Automation, and Threat Research Units.

The one-year anniversary of July 19 marks a moment that deeply impacted our customers and partners and became one of the most defining chapters in CrowdStrike’s history. The incident impacted systems globally, and we responded with urgency and focus. That day reinforced the responsibility we’ve always carried as guardians of our customers’ digital infrastructure and trust.

Ransomware is a rapidly evolving threat, with attackers increasingly turning to remote techniques that target network shares. To help defend against these tactics, CrowdStrike Falcon Prevent endpoint security includes a capability called File System Containment, which is precision-focused to block malicious file system actions over Windows Server Message Block (SMB) shares, halting encryption as soon as possible.

SCATTERED SPIDER, an eCrime adversary, has recently broadened its target scope to include the aviation sector, in addition to its established focus on the insurance and retail industries, as observed by CrowdStrike Services. Throughout Q2 2025, SCATTERED SPIDER's activities have primarily centered on U.S.-based insurance and retail entities, along with U.K.-based retail entities.

The healthcare sector continues to be a prime target for cyber adversaries, with threat actors constantly evolving their tactics to exploit vulnerabilities. Over the past year, CrowdStrike Services responded to a growing number of financially motivated attacks aimed at encrypting data and extorting victims across the healthcare ecosystem.

As organizations adopt hybrid and multi-cloud architectures, the attack surface quickly expands, often outpacing defender’s ability to see and stop threats. This growing complexity fuels risk — creating blind spots adversaries exploit through cloud misconfigurations, excessive permissions, and unpatched vulnerabilities. These conditions allow attackers to break in, move laterally, and gain higher levels of access.

AV-Comparatives, an independent cybersecurity software testing organization, has released the results of two key evaluations of enterprise security solutions. The CrowdStrike Falcon cybersecurity platform achieved the EDR Detection Certification in AV-Comparatives’ inaugural 2025 EDR Detection Validation Test and the AV-Comparatives 2025 Mac Approved Security Award. This independent validation confirms the Falcon platform’s ability to stop breaches across the modern enterprise.

As the attack surface expands and the number of vulnerabilities grows, organizations face a new crisis: how to prioritize which vulnerabilities to fix first based on their level of risk. CrowdStrike Falcon Exposure Management addresses this challenge with new AI-powered capabilities to help defenders identify what matters most and take action with precision. New innovations include AI-powered Asset Criticality, Client-Side Attack Path Analysis, and a CrowdStrike Falcon Next-Gen SIEM integration.

We’re proud to announce that CrowdStrike has been named a Leader in the IDC MarketScape: Worldwide Cloud-Native Application Protection Platform 2025 Vendor Assessment (doc, June 2025). This recognition marks another milestone for CrowdStrike as cloud security becomes central to stopping modern cyber threats across hybrid and multi-cloud environments.

Microsoft introduced AMSI (Antimalware Scan Interface) with Windows 10 in 2015. This interface standard allows third-party security products to be integrated with applications running on a Windows PC to improve detections for fileless and script-based attacks. Naturally, adversaries immediately began efforts to defeat AMSI.