Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

CrowdStrike Falcon Cloud Security now delivers real-time detections for AWS IAM Identity Center, helping organizations detect and respond to identity-driven cloud threats before they escalate. A few months ago, we released CrowdStrike Falcon Identity Protection support for AWS IAM Identity Center to help organizations detect and stop identity-based attacks before they could reach the cloud control plane.

Securing cloud environments at runtime is no easy feat. Unlike traditional infrastructure, cloud workloads are dynamic, ephemeral, and often span multiple platforms — making continuous visibility a moving target. Adversaries continue to set their sights on cloud: According to the CrowdStrike 2025 Global Threat Report, new and unattributed cloud intrusions were up 26% year-over-year in 2024, indicating more threat actors seek to exploit cloud services.

Applying robust security measures to automated software development is no longer a luxury but a necessity. CrowdStrike data scientists have developed an AI-driven, multi-agent proof of concept that leverages Red Teaming capabilities to identify vulnerabilities in code developed by AI agents. While it is still in the research stage, our work shows this advanced AI technology has the potential to revolutionize software security.

CrowdStrike has won the 2025 Google Cloud Security Partner of the Year Award for Workload Security, recognizing our leadership in securing cloud environments at scale. Announced at Google Cloud Next 2025, the award highlights our commitment to joint innovation and delivering best-in-class protection for Google Cloud customers. As part of this growing partnership, we also introduced new CrowdStrike Falcon Cloud Security enhancements purpose-built for Google Cloud environments.

We’re excited to share that CrowdStrike Falcon Cloud Security now offers enhanced tools to help secure artificial intelligence (AI) development, simplify AI security posture management, and quickly respond to AI threats. These updates have been developed in collaboration with NVIDIA since August 2024.

Identity is at the center of the fight against adversaries. As threat actors weaponize legitimate credentials and sell access to the highest bidders, organizations must proactively detect and secure exposed identities to shut down potential attack paths before they can be exploited.

We would like to recognize Amit Serper, Travis Lowe, Tony Gore, Adrian Godoy, Mihai Vasilescu, Suraj Sahu, Pablo Ramos, Raj Jammalamadaka, Lacie Griffin, and Josh Grunzweig for their contributions in authoring this publication. CrowdStrike is committed to protecting our customers from the latest disclosed vulnerabilities. We are actively monitoring activity surrounding “IngressNightmare,” the name given to recently identified vulnerabilities in the Kubernetes (K8s) ingress-nginx controller.

As organizations strengthen endpoint and cloud security, attackers are shifting their focus to often-overlooked network infrastructure like routers, switches, and firewalls. Legacy vulnerability management (VM) solutions struggle to keep pace, relying on slow, periodic scans that fail to provide real-time visibility into emerging threats.

Research is the cornerstone of CrowdStrike’s focus on innovation, and it enables us to stay a step ahead of the most sophisticated adversaries. The work of our dedicated team of researchers and data scientists is reflected in the industry-leading protection delivered by the AI-native CrowdStrike Falcon platform. This team is not only involved in groundbreaking new developments — it is also constantly exploring ways to make existing cybersecurity technology more effective.

The evolving landscape of state-sponsored threats demands the highest levels of security for federal systems and critical infrastructure. As part of our longstanding commitment to protecting federal agencies and critical infrastructure, the AI-native CrowdStrike Falcon platform has achieved Federal Risk and Authorization Management Program (FedRAMP) High Authorization — the U.S. government’s most stringent cloud security standard.