Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Adversaries are increasingly adopting AI technology to make their cyber operations faster, more efficient, and harder to detect. To stay ahead, defenders need intelligent systems capable of reasoning and acting with the same speed and accuracy as the adversary. CrowdStrike empowers defenders with the CrowdStrike Falcon platform, our agentic security platform that is fueled by AI built and governed by experts who understand the mission of defense.

CrowdStrike is announcing new cloud detection and response (CDR) capabilities to help SOC teams reduce mean time to respond (MTTR) and strengthen protection across hybrid and multi-cloud environments. These include new Real-Time Cloud Detections in CrowdStrike Falcon Cloud Security and Automated Cloud Response Actions.

CrowdStrike is redefining how SOC teams turn cloud data into actionable intelligence by unifying speed, scale, and cost efficiency in one platform built for the cloud and AI era. Together with AWS, today we are announcing new integrations and consumption options designed to further simplify how customers secure and operationalize workloads on Amazon Web Services (AWS).

In a cloud-first world, sensitive data moves quickly between microservices, APIs, SaaS applications, and storage services. CrowdStrike Falcon Data Protection for Cloud, now generally available, delivers runtime visibility and protection for sensitive data in motion so organizations have continuous insight into how data moves, when it’s accessed, and where it’s at risk.

In January 2025, China-based AI startup DeepSeek (深度求索) released DeepSeek-R1, a high-quality large language model (LLM) that allegedly cost much less to develop and operate than Western competitors’ alternatives. CrowdStrike Counter Adversary Operations conducted independent tests on DeepSeek-R1 and confirmed that in many cases, it could provide coding output of quality comparable to other market-leading LLMs of the time.

Cross-domain attacks exemplify adversaries’ drive for speed and stealth. In these attacks, threat actors navigate multiple domains such as endpoint, cloud, and identity systems to maximize their reach and impact. Their goal is to exploit the weaknesses in organizations’ fast-growing and complex environments.

Anthropic's Threat Intelligence team recently uncovered and disrupted a sophisticated nation-state operation that weaponized Claude’s agentic capabilities and the Model Context Protocol (MCP) to orchestrate automated cyberattacks simultaneously against multiple targets worldwide. This AI-powered attack automated reconnaissance, vulnerability exploitation, lateral movement, and more across multiple victim environments at unprecedented scale and speed.

AI has collapsed the vulnerability exploit lifecycle. Adversaries now discover, weaponize, and exploit exposures across hybrid environments in minutes — chaining together misconfigurations, unpatched systems, and stolen credentials to gain rapid access and move laterally across environments. For defenders, the speed of the adversary changes everything.

CrowdStrike has been named the Overall Leader in the 2025 KuppingerCole Leadership Compass for Identity Threat Detection and Response (ITDR), positioned furthest to the right. This validates our ongoing mission to secure every identity — human, non-human, and AI agent. We are recognized as a Leader across all key categories: Product, Innovation, Market, and Overall Ranking.

Most exposure reporting is still slow, error-prone, and disconnected from reality. Analysts spend hours collecting and formatting data using different tools that produce conflicting priorities. Reports are bloated with raw CVE lists that lack context and rarely connect to business impact. They are often delayed, arriving after the adversaries have moved. While teams struggle with outdated reports, adversaries are seeking new ways to gain initial access.