Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

CrowdStrike Falcon Exposure Management Expands Security to Unmanaged Network Assets with Network Vulnerability Assessment

As organizations strengthen endpoint and cloud security, attackers are shifting their focus to often-overlooked network infrastructure like routers, switches, and firewalls. Legacy vulnerability management (VM) solutions struggle to keep pace, relying on slow, periodic scans that fail to provide real-time visibility into emerging threats.

CrowdStrike Researchers Develop Custom XGBoost Objective to Improve ML Model Release Stability

Research is the cornerstone of CrowdStrike’s focus on innovation, and it enables us to stay a step ahead of the most sophisticated adversaries. The work of our dedicated team of researchers and data scientists is reflected in the industry-leading protection delivered by the AI-native CrowdStrike Falcon platform. This team is not only involved in groundbreaking new developments — it is also constantly exploring ways to make existing cybersecurity technology more effective.

CrowdStrike Achieves FedRAMP High Authorization

The evolving landscape of state-sponsored threats demands the highest levels of security for federal systems and critical infrastructure. As part of our longstanding commitment to protecting federal agencies and critical infrastructure, the AI-native CrowdStrike Falcon platform has achieved Federal Risk and Authorization Management Program (FedRAMP) High Authorization — the U.S. government’s most stringent cloud security standard.

Follow the Adversary: The Top 3 Red Team Exploitation Paths from 2024

Though 2024 may be behind us, many of the security threats and vulnerabilities that organizations faced last year remain. The CrowdStrike Professional Services Red Team tracks them all in its efforts to defend organizations against adversaries. The three most common exploitation paths we encountered were: In this blog, we break down these three critical exploitation paths, detailing how they occur and what steps organizations can take to mitigate them.

Securing XIoT in the Era of Convergence and Zero Trust

The rise of connected devices has fundamentally reshaped industries, enabling unprecedented levels of automation, efficiency, and innovation. These devices fall under the Extended Internet of Things (XIoT), a broad category encompassing traditional Internet of Things (IoT) devices, operational technology (OT), industrial control systems (ICS), the Internet of Medical Things (IoMT), and other connected assets that span enterprise IT and operational environments.

Falcon Cloud Security Identifies AI-Driven Packages in Container Images

Artificial intelligence (AI) is rapidly transforming industries, but with this innovation come new security challenges as threat actors explore AI’s powerful capabilities. They’re adopting new techniques, targeting AI models, injecting malicious code into AI processes, and exploiting vulnerabilities in AI-related software packages.

NHS Matures Healthcare Cybersecurity with NCSC's CAF Assurance Model

The UK’s National Health Service (NHS) has transformed its approach to validating its level of cybersecurity maturity across healthcare by adopting the National Cyber Security Centre (NCSC) Cyber Assessment Framework (CAF). This shift is key to achieving the NHS’s broader goals: protecting patient data, ensuring uninterrupted healthcare delivery, and building the foundation for a fully digitized healthcare system by 2030.

Build Smarter Threat Detection with Next-Gen SIEM

SOC teams across businesses, industries, and geographies share the same goal: Stop cyberattacks before damage is done. But for those with legacy SIEMs, this is nearly impossible to achieve. Legacy SIEMs demand an overwhelming investment of time, resources, and expertise to set up and maintain.

Redefining Incident Response in the Modern Era

CrowdStrike Incident Response (IR) services sees firsthand why organizations facing today’s evolving threat landscape require advanced capabilities to detect, respond, and remediate cyberattacks in near real time. These observations continue to shape our approach to delivering unparalleled incident response.

4 Key Steps to Prevent Subdomain Takeovers

Adversaries don’t need to force their way in when they can slip through an organization’s overlooked assets. Subdomain takeovers are a prime example of how attackers exploit misconfigured or abandoned DNS records to gain access, launch phishing campaigns, distribute malware, or take other malicious actions — all while operating under the guise of a legitimate corporate domain.