Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Operationalizing external data is essential for smarter and faster threat detection. Falcon Next-Gen SIEM and Fusion SOAR make it easy with new HTTP Request and Lookup File actions. Security teams can now dynamically pull data from third party sources into automated workflows without writing a line of code. These inputs are instantly converted into lookup tables that enrich detections in real time, powering precision and speed at machine scale.

Charlotte AI automatically triages detections with supporting evidence, autonomously generates and answers prioritized questions, and embeds AI reasoning directly into workflow automation to drive scalable action across cloud environments. Subscribe and Stay Updated:► Don't miss out on more exciting content! Subscribe to our channel for the latest updates, case studies, and more from the world of cybersecurity. Hit the bell icon to receive notifications whenever we post new videos. Thank you for watching!

The offboarding phase is a critical time to manage risk and protect sensitive data. With the new Workday integration, departing users are automatically added to a designated Active Directory group. Falcon Identity Protection and Falcon Data Protection then apply real-time controls to block unauthorized access and prevent data exfiltration—watch the demo to see it in action!

They never really left — they just got quieter, faster, and bolder. In this episode of the Adversary Universe podcast, Adam and Cristian trace the resurgence of SCATTERED SPIDER, one of today’s most aggressive and sophisticated adversary groups.

Ransomware is evolving—and it's targeting your blind spots. Attackers now encrypt files remotely over SMB shares using stolen credentials and unmanaged systems, bypassing traditional defenses. CrowdStrike closes this gap with File System Containment, a powerful Falcon Endpoint Security feature that detects ransomware-style behaviors like mass encryption and blocks destructive file actions instantly—directly at the endpoint, without relying on cloud checks or process termination.

This demo shows how Charlotte AI transforms raw vulnerability data from Falcon Exposure Management into a CISO-ready report. By pulling enriched insights from Next-Gen SIEM—like ExPRT.AI scores and asset criticality—the workflow translates technical signals into business risk. The result: a clear, automated email that highlights key trends, impacted systems, and actionable remediation paths. CrowdStrike Exposure Management.

Email remains the top attack vector, and speed is critical when every second counts. Falcon Next-Gen SIEM and Fusion SOAR streamline detection by ingesting email telemetry and automating investigation with Charlotte AI. By analyzing sender behavior and message content, Charlotte AI delivers real-time, human-readable verdicts with confidence scoring. Teams can quickly isolate threats, block senders, or escalate suspicious activity. With AI-powered workflows and automation, email triage becomes faster, more precise, and scalable.