For security teams on the front lines and those of us in the business of stopping cyberattacks and breaches, 2021 provided no rest for the weary. In the face of massive disruption brought about by the COVID-driven social, economic and technological shifts of 2020, adversaries refined their tradecraft to become even more sophisticated and brazen. The result was a series of high-profile attacks that rocked many organizations and, on their own, represented watershed moments in cybersecurity.

Since we founded CrowdStrike, one of the things I’m proudest of is our collective ability to work with customers to lead the industry forward. Leadership is more than just being the loudest voice or making wild marketing claims. It’s about listening and working with customers to help them solve their hardest problems to achieve a common goal: stopping breaches.

This week we announced the general availability of CrowdStrike’s newest innovation, Falcon XDR, and I couldn’t be more excited. Using our same single, lightweight agent architecture, Falcon XDR enables security teams to bring in third-party data sources for a fully unified solution to rapidly and efficiently hunt and eliminate threats across multiple security domains.

We are thrilled to announce the general availability of CrowdStrike’s newest innovation: Falcon XDR. Founded on our pioneering endpoint detection and response (EDR) technology and the power of the CrowdStrike Security Cloud, Falcon XDR delivers the next generation of unified, full-spectrum extended detection and response (XDR) so security teams can stop breaches faster.

Protecting cloud workloads from zero-day vulnerabilities like Log4Shell is a challenge that every organization faces. When a vulnerability is published, organizations can try to identify impacted artifacts through software composition analysis, but even if they’re able to identify all impacted areas, the patching process can be cumbersome and time-consuming. As we saw with Log4Shell, this can become even more complicated when the vulnerability is nearly ubiquitous.

In November 2021, a vulnerability was discovered in a ubiquitous Linux module named Polkit. Developed by Red Hat, Polkit facilitates the communication between privileged and unprivileged processes on Linux endpoints. Due to a flaw in a component of Polkit — pkexec — a local privilege escalation vulnerability exists that, when exploited, will allow a standard user to elevate to root.

CISA recently advised U.S. business leaders to protect their companies from destructive malware that has been seen targeting Ukraine. This emphasizes the importance of having the right technologies in place. The automated detection and protection capabilities of the CrowdStrike Falcon platform protect customers from this malware, provide them with visibility into their environments and allow for intelligent monitoring of cloud resources.

On Jan. 18, 2022, researchers found a heap base buffer overflow flaw (CVE-2022-0185) in the Linux kernel (5.1-rc1+) function “legacy_parse_param” of filesystem context functionality, which allows an out-of-bounds write in kernel memory. Using this primitive, an unprivileged attacker can escalate its privilege to root, bypassing any Linux namespace restrictions.