After dissecting a full year’s worth of interactive intrusion data, the CrowdStrike® Falcon OverWatch™ Elite team has identified the most commonly abused living-off-the-land binaries — and distilled the critical insights that defenders need to know to protect their organizations against the misuse of these binaries.

We believe our recognition in the 2022 Magic Quadrant for Endpoint Protection Platforms reinforces CrowdStrike’s position as a cybersecurity leader, innovator and visionary placing farthest to the right for Completeness of Vision. We are proud to share that CrowdStrike has once again been named a Leader in the Gartner Magic Quadrant for Endpoint Protection Platforms (EPP).

After extensive testing and analysis, the AV-TEST Institute has named CrowdStrike Falcon® Pro for Mac the Best MacOS Security Product for Business for 2022. AV-TEST completed its evaluation of macOS security products for business users for 2022 following a year-long series of tests, in which Falcon Pro for Mac was the only security product to score a perfect 18.0 points in three straight quarterly evaluations. In announcing the decision, AV-TEST CEO Maik Morgenstern praised Falcon Pro for Mac.

Deep learning is a core part of CrowdStrike’s arsenal of machine learning (ML) techniques, and we are constantly innovating in this area to boost the performance of our ML models. However, ML can consume large amounts of computing resources. To minimize the computing load and its associated costs, we strive to optimize performance and resource utilization for our models as well as address any safety issues related to the use of third-party tools.

The CrowdStrike 2023 Global Threat Report, among the most trusted and comprehensive research on the modern threat landscape, explores the most significant security events and trends of the previous year, as well as the adversaries driving this activity. The latest edition of the CrowdStrike Global Threat Report comes at a critical time for organizations around the world.

Email is the top initial attack vector, with phishing campaigns responsible for many damaging cyber attacks, including ransomware. Being able to search Mimecast email security logs in CrowdStrike Falcon® LogScale (formerly known as Humio), alongside other log sources such as endpoint, network and authentication data helps cybersecurity teams detect and respond to cyber attacks.

CrowdStrike recently analyzed a macOS-targeted mineware campaign that utilized malicious application bundles to deliver open source XMRig cryptomining software and Invisible Internet Protocol (I2P) network tooling.

This post covers how to ingest data into CrowdStrike Falcon® LogScale from your MacOS platform using Python. This guide is great for setting up a one-node proof of concept (POC) so you can take advantage of LogScale’s free trial. Before you can write your ingest client, you must prepare a good foundation. That means preparing your MacOS instance via the following steps: Ready? Let’s get started.