Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Did you know there may be a blind spot in your network right now? Firewalls, routers, and edge devices often generate minimal logs by default, creating visibility gaps that adversaries can exploit. In this breakdown, we examine how a China-nexus threat group known as Operator Panda leveraged vulnerable network devices to gain access, establish persistence, and remain undetected even after patches were applied.

Your next software update could be weaponized. In this short breakdown, we examine how adversaries compromised the Notepad++ update mechanism to distribute malware and how CrowdStrike identified the activity four months before public disclosure.

Adversaries are weaponizing AI, accelerating tradecraft and moving from access to impact at machine speed. As breakout times collapse to seconds, security teams cannot rely on manual processes or static automation to keep up. Meet the CrowdStrike Agentic SOC, a new operating model built for the AI era.

Your AI tools just became the perfect hiding spot for hackers. Cybercriminals have found a new attack vector: weaponizing the AI assistants your team uses every day. In this live demonstration, we show how adversaries can turn tools like Claude into persistent backdoors and how CrowdStrike Falcon stops them cold. TIMESTAMPS: WHAT YOU'LL LEARN:– How hackers exploit AI automation features to create backdoors– Why password resets and patches won't stop this attack– How behavioral detection catches threats hiding in legitimate tools– Real-time threat prevention in action.

See how CrowdStrike Falcon Next-Gen SIEM enables security teams to deploy log collectors instantly via the Falcon Sensor—without relying on traditional software distribution processes. In this demo, you’ll learn how to create a Log Collector Policy, automatically install collectors across host groups, validate installation through Falcon telemetry, and centrally manage third-party data ingestion from Fleet Management.

See how CrowdStrike Falcon Fusion SOAR Test Mode lets security teams validate workflows instantly—without live alerts or production risk. You’ll learn how to run playbooks end-to-end using past events or mock data, safely test high-cost actions like LLM analysis, and debug logic with full visibility. With built-in transform testing and mock inputs, Test Mode speeds up automation and reduces errors for faster, safer deployment.

As adversaries accelerate with GenAI and blend into legitimate cloud activity, real-time correlation between telemetry and control plane events is critical. Without it, investigations stall and visibility gaps grow. CrowdStrike delivers real-time detections and automated cloud-native response to stop adversaries in seconds. Subscribe and Stay Updated.

Threat hunting is hard to define, but Brody Nisbet, Sr. Director of CrowdStrike OverWatch, breaks down the basics in an episode that starts with the CrowdStrike OverWatch mission and dives into his stories from the front lines of threat hunting.

CrowdStrike Falcon Adversary Overwatch: ► Detect adversaries hiding in your blind spots. Falcon Adversary Overwatch exposes threats targeting network edge devices—firewalls, routers, and infrastructure traditional security tools can’t see. Watch the demo to see how CrowdStrike detects OPERATOR PANDA in real time and stops edge-driven intrusions that quickly turn into credential theft and identity abuse before they escalate.

Falcon Cloud Security Cloud Risk Rules correlate insights across your cloud environment to identify potentially dangerous states and combinations, even when individual findings appear low-severity in isolation amid the countless security risks your cloud infrastructure faces every day.