Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

CrowdStrike

CrowdStrike

CrowdStrike Announces Expanded Service Integrations with AWS

At AWS re:Invent 2022, CrowdStrike announced expanded service integrations with AWS to provide breach protection across your AWS environment, simplified infrastructure management and security consolidation. On January 31, 2023, AWS announced CloudTrail Lake Partner Integrations, with CrowdStrike signing on as a launch partner. With this integration, organizations get the opportunity for a consistent security posture between on-premises workloads and those running in the AWS cloud.

CrowdStrike

Using Artificial Intelligence and Machine Learning to Combat Hands-on-Keyboard Cybersecurity Attacks

With news headlines like “A massive ransomware attack hit hundreds of businesses” becoming common, concern about malware has never been higher. High-profile examples of malware like DarkSide, REvil have been profiled so many times that not only cybersecurity professionals are on edge — every organization that has on-premises or in-the-cloud workloads is concerned.

CrowdStrike

How Adversaries Can Persist with AWS User Federation

In recent incident response investigations, CrowdStrike Services has observed adversaries use the sts:GetFederationToken API call to create federated sessions from IAM users. In this scenario, the federated session inherits permissions from the base IAM user. Perhaps surprising to many incident responders, the privileges and access of the federated session are not revoked when the base IAM user’s credentials are deactivated.

CrowdStrike

Small Business Cyberattack Analysis: Most-Targeted SMB Sectors and Key Prevention Tips

Small and medium-sized businesses (SMBs) are more frequent targets of cybercrime than larger companies, industry research shows, and the trend is putting enormous financial pressure on small businesses. Some SMBs feel this pressure more strongly than others: CrowdStrike’s data shows sectors including not-for-profit and transportation are more frequently targeted with high- and critical-severity attacks than other industries.

CrowdStrike

Data Protection Day 2023: Misaligned Policy Priorities Complicate Data Protection Compliance

January 28 is recognized as Data Protection Day in Europe, the United States and dozens of other countries including Canada and Israel. It provides a moment to reflect on where data protection regulations stand today and where they are going. At present, seemingly incongruent trends in cybersecurity policy threaten to confuse data protection efforts.

CrowdStrike

Securing PostgreSQL from Cryptojacking Campaigns in Kubernetes

PostgreSQL is a powerful, open-source relational database management system (RDBMS). Because of its robustness and scalability, PostgreSQL is used extensively in the cloud. Most public cloud providers including AWS, Azure and GCP provide database services to their customers based on PostgreSQL.

CrowdStrike

Importing Logs from FluentD into Falcon LogScale

One of the primary debugging tools for a cloud-native developer is the simple, humble log file. Some malfunctioning systems can be impossible to debug without them. FluentD is an open source log collector that provides unified log processing across multiple emitter systems, either on the same logical device or separate devices. For example, on a single k8s pod, logs are emitted from the pod itself, the container running in the pod and the microservice running in the container.

Under the Wing: Taking on Patch Tuesdays with Falcon Spotlight

Microsoft’s Patch Tuesday is dreaded by every security team. With dozens of new patches inundating your team every month, how do you know which to prioritize? CrowdStrike combines the power of our world-class machine learning and our unparalleled intelligence to arm every customer with the insight they need to prioritize patches and take action. In this Under the Wing episode, you’ll learn how CrowdStrike enables you to protect your organization with Falcon Spotlight.