Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

New Abuse of the ClickOnce Technology, Part 1: The Inner Workings of ClickOnce Application Deployment

Sharing applications with the world is no easy task. Developers struggle to ensure compatibility across different platforms, vendors continually search for new channels to showcase and distribute their software, and users often encounter hurdles when installing and updating the applications. To help solve this challenge, Microsoft offers multiple solutions including its Microsoft Store, the native Windows Installer component (.msi packages), and a lesser-known but powerful option: ClickOnce technology.

New Abuse of the ClickOnce Technology, Part 2: Stop Threat Actors from Clicking Once and Staying Forever

Following our deep dive into the internals of ClickOnce application deployment in Part 1 of this two-part blog series, let’s focus on the security implications of this technology. In this blog, we examine how threat actors can weaponize ClickOnce features, and we reveal what we believe to be a new abuse that security teams need to be aware of.

After Executive Order 14409: Next Steps for Securing AI

Adversaries are using AI to attack with unprecedented speed and precision. This trend, coupled with the rapidly growing use of agentic AI, means it is now necessary to use AI to protect and defend the modern tech stack. It is timely that on June 2, 2026, President Trump signed Executive Order 14409 on Promoting Advanced Artificial Intelligence Innovation and Security. At a high level, this EO validates that security is fundamental to reaping the benefits of AI.

Falcon Secure Access: Phishing Protection Inside the Browser

Phishing attacks increasingly rely on highly convincing login experiences designed to mimic trusted services. Watch how Falcon Secure Access detects sophisticated phishing attempts directly inside the browser, prevents sensitive data from being exposed, and protects users in real time. Subscribe and stay updated!#CrowdStrike.

Charlotte AI AgentWorks: Build Your Security Workforce Demo

Today’s adversaries move at the speed of AI, so defenders need to reason, decide, and act faster across every stage of security operations. Meet Charlotte AI AgentWorks, a no-code agent builder that enables teams to create mission-ready AI agents directly inside the CrowdStrike Falcon platform.

Falcon Exposure Management Now Available for Third-Party Environments

Frontier AI is poised to change cybersecurity faster than most organizations can adapt. It’s accelerating vulnerability discovery, which puts new pressure on security teams to handle more vulnerabilities, in less time, with workflows built for much slower technology. The primary challenge of the frontier AI era is not the increase in vulnerabilities. It’s understanding which exposures are most critical and how to address them before adversaries target them.

See Falcon Exposure Management In Action

As adversaries use Frontier AI to discover, chain, and exploit vulnerabilities faster, security teams need to understand what is exploitable, where they are exposed, and how to reduce risk before attackers act. In this demo, see how Falcon Exposure Management helps teams operationalize CTEM across the attack surface. The walkthrough highlights continuous visibility across internal and external exposures, network vulnerabilities, applications, browser extensions, AI inventory, and attack paths.

CrowdStrike Announces Continuous Identity for AI Agents

Identity security has long been built around a simple premise: Authenticate a user, grant access, and trust that decision until their next login. While for many this model worked well enough when identities were primarily human and access patterns were predictable, that’s no longer the case for humans and definitely not the case for AI agents.

Falcon Privileged Access: Expanding Modern Privileged Access to AWS

Falcon Privileged Access replaces static, always-on privileges with zero standing access and dynamic control. Watch this demo to see how alongside Entra roles, AD groups, and local privileges, AWS roles and access to specific tags can be granted just in time, under secure conditions, and revoked automatically when the session ends or the moment conditions change. Subscribe and stay updated!

Falcon Next-Gen Identity Security: Securing AI Agents with Continuous Identity

Falcon Next-Gen Identity Security enables continuous identity for AI agents, evaluating every tool call in real time using user context, agent trust, and risk signals. Watch the demo to see how CrowdStrike enforces dynamic policies and continuously validates both users and agents to prevent unauthorized actions, contain compromised agents, and securely scale AI adoption. Subscribe and stay updated!