< ciso
brief />
Tag Banner

All news with #crowdstrike tag

149 articles · page 7 of 8

How Falcon ASPM Secures GenAI Applications at CrowdStrike

🔒 Falcon ASPM provides continuous, code-level visibility to secure generative and agentic AI applications such as Charlotte AI. It detects real-time drift, produces a runtime SBOM, and maps architecture and data flows to flag reachable vulnerabilities, softcoded credentials, and anomalous service behaviors. Contextualized alerts and mitigation guidance help teams prioritize fixes and reduce exploitable risk across complex microservice environments.
read more →

CrowdStrike Adds Correlation Rule Template Discovery

🔍 CrowdStrike has launched the Correlation Rule Template Discovery dashboard in Falcon Next-Gen SIEM to help SOC teams discover and operationalize high-value detection content more quickly. The centralized dashboard maps templates to onboarded telemetry, offers precision search and filtering by data source and MITRE ATT&CK tactics, and exposes quick actions to test and deploy templates as active correlation rules. It highlights new and updated templates, provides compatibility analysis, and surfaces curated research and enablement guidance to accelerate detection and reduce noise.
read more →

The Dawn of the Agentic SOC: Reimagining Security Now

🔐 At Fal.Con 2025, CrowdStrike CEO George Kurtz outlined a shift from reactive SOCs to an agentic model where intelligent agents reason, decide, act, and learn across domains. CrowdStrike introduced seven AI agents within its Charlotte framework for exposure prioritization, malware analysis, hunting, search, correlation rules, data transformation and workflow generation, and is enabling customers to build custom agents. The company highlights a proprietary "data moat" of trillions of telemetry events and annotated MDR threat data as the foundation for training agents, and announced the acquisition of Pangea to protect AI agents and launch AIDR (AI Detection and Response). The vision places humans as orchestrators overseeing fleets of agents, accelerating detection and response while preserving accountability.
read more →

CrowdStrike Named Frost Radar Leader in CNAPP Innovation

🔒 CrowdStrike has been named an innovation and growth leader in the 2025 Frost Radar: Cloud Workload Protection Platforms, ranking highest on the Innovation Index. Falcon Cloud Security provides unified, AI-native protection across pre-runtime and runtime, combining agent-based and agentless coverage, shift-left CI/CD policy enforcement, continuous posture management, and runtime defenses. Integration with the Falcon platform’s XDR and MDR and a single sensor for hybrid environments enables faster cross-domain detection and response.
read more →

Protect AI Development Using Falcon Cloud Security

🔒 Falcon Cloud Security provides end-to-end protection for AI development pipelines by embedding AI detection into CI/CD workflows, scanning container images, and surfacing AI-related packages and CVEs in real time. It extends visibility to cloud model services — including AWS SageMaker and Bedrock, Azure AI, and Google Vertex AI — revealing model provenance, dependencies, and API usage. Runtime inventory ties build-time detections to live containers so teams can prioritize fixes, govern models, and maintain delivery velocity without compromising security.
read more →

Automating Alert Triage and SOP Execution with AI Platform

🤖 Tines published a prebuilt workflow that automates security alert triage by using AI agents to identify alert types, find relevant SOPs in Confluence, and execute remediation steps across integrated tools. The two-agent design creates structured case records, documents every action, and notifies on-call staff via Slack. The workflow supports integrations such as CrowdStrike, Okta, VirusTotal and others, and is available in Tines' Community Edition for testing.
read more →

CrowdStrike Advances Next-Gen Identity Security Innovations

🔐 CrowdStrike announced three enhancements to Falcon Next‑Gen Identity Security: FalconID, expanded privileged access controls, and identity‑driven case management. FalconID delivers FIDO2-based, phishing-resistant passwordless MFA via the Falcon for Mobile app, combining Bluetooth proximity checks with contextual telemetry to block credential phishing, MFA fatigue, and session hijacking. Privileged access updates add just-in-time workflows, Microsoft Teams request/revoke, Fusion SOAR automation, and hybrid coverage including local systems (early access). Identity-driven case management integrates identity detections into Falcon Next‑Gen SIEM and automates analyst response (generally available).
read more →

CrowdStrike Enhances GenAI Data Protection Across Platforms

🔒 CrowdStrike announces four new innovations in Falcon Data Protection to help organizations prevent GenAI-driven data leaks across endpoints, cloud, SaaS and AI tools. The updates include real-time GenAI protections that span browsers, local apps and shadow AI services, unified out-of-the-box detections, AI-powered classifications, and a consolidated Insider Risk dashboard. Beta and general availability windows span late 2025 through mid-2026, with cloud features prioritized earlier.
read more →

CrowdStrike Secures AI Across the Enterprise with Partners

🔒 CrowdStrike describes how the Falcon platform delivers unified visibility and lifecycle defense across the full AI stack, from GPUs and training data to inference pipelines and SaaS agents. The post highlights integrations with NVIDIA, AWS, Intel, Dell, Meta, and Salesforce to extend protection into infrastructure, data, models, and applications. It also introduces agentic defense via Charlotte AI for autonomous triage and rapid response, and emphasizes governance controls to prevent data leaks and adversarial manipulation.
read more →

CrowdStrike Launches Threat AI: Agentic Threat Intel

🔍 CrowdStrike unveiled Threat AI, described as the industry’s first agentic threat intelligence system, built on the Falcon platform to reason, hunt, and act across adversary activity. The initial agents — a Malware Analysis Agent and a Hunt Agent — automate complex workflows like reversing, classification, retrohunting, and continuous threat hunting to surface actionable recommendations. CrowdStrike also released a Threat Intelligence Browser Extension for Chrome to provide intelligence in analysts’ workflows, aiming to accelerate investigations and help SOCs respond at machine speed.
read more →

CrowdStrike Unveils Agentic AI Platforms After Onum Deal

🤖 CrowdStrike is expanding its agentic AI strategy following its $290 million acquisition of Onum, introducing two initiatives designed to accelerate real-time telemetry and automate SOC workflows. The Agentic Security Platform builds an "enterprise graph" with a semantic data model that acts as a Rosetta Stone to normalize diverse telemetry and enable a global query and command engine. Agent Works provides a no-code environment to create, test, and deploy agentic systems, while the Agentic Security Workforce delivers mission-ready agents in Falcon sensors to automate repetitive analyst tasks and enforce data-protection controls across endpoints.
read more →

Self-propagating 'Shai-Hulud' supply-chain attack hits npm

🐛 Security researchers report at least 187 npm packages compromised in an active supply-chain campaign dubbed Shai‑Hulud. The malware, first observed in the widely used @ctrl/tinycolor package, includes a self‑propagating payload that injects a bundle.js, abuses TruffleHog to harvest tokens and cloud credentials, and creates unauthorized GitHub Actions workflows to exfiltrate secrets. Affected vendors including CrowdStrike say they removed malicious packages and rotated keys; developers are urged to audit environments, rotate secrets, and pin dependencies.
read more →

CrowdStrike Falcon: Building an Agentic Security Platform

🚀 The CrowdStrike Falcon fall release reframes the platform as an Agentic Security Platform, introducing four core innovations: Enterprise Graph, Charlotte AI AgentWorks, the Agent Collaboration framework (powered by MCP), and an AI-native console. Enterprise Graph unifies telemetry into a real-time, AI-ready data layer to give humans and agents shared context. Charlotte AI AgentWorks delivers a no-code environment to design, test, deploy, and govern mission-specific security agents at scale, while MCP enables secure, orchestrated multi-agent collaboration.
read more →

CrowdStrike to Acquire Pangea to Secure Enterprise AI

🔒 CrowdStrike announced its intent to acquire Pangea to deliver the industry’s first AI detection and response (AIDR) capability, securing enterprise AI use and development across data, models, agents, identities, infrastructure, and interactions. Unveiled at Fal.Con 2025 by Michael Sentonas, the deal will integrate Pangea’s prompt‑layer and interaction security with the Falcon platform to provide unified visibility, governance, and enforcement across the AI lifecycle. The combined solution targets prompt injection, model manipulation, shadow AI and sensitive data exfiltration while enabling developers and security teams to innovate faster with built‑in safeguards.
read more →

Cloudflare integrates CrowdStrike Falcon Fusion SOAR

🔗 Cloudflare announced an integration between the Cloudflare One SASE platform and CrowdStrike Falcon Fusion SOAR, delivering two out‑of‑the‑box connectors for Zero Trust and Email Security. The prebuilt actions exposed in the CrowdStrike Content Library automate common tasks—searching messages, updating allow/block lists, adjusting access policies, and revoking tokens—to reduce manual investigation and accelerate remediation. Customers can chain Cloudflare actions with Falcon Fusion playbooks via a drag‑and‑drop editor to enable bidirectional containment across network, email, and endpoints. The integration supports Logpush to CrowdStrike HTTP ingest and can be enabled from both vendor consoles, with APIs and custom playbooks available for tailoring workflows.
read more →

Wesco Reimagines Risk Management with Data Consolidation

🔍 Wesco consolidated thousands of security alerts into a unified risk framework to separate urgent threats from noise. By integrating more than a dozen platforms — including GitHub, Azure DevOps, Veracode, JFrog, Kubernetes, Microsoft Defender, and CrowdStrike — the company applied ASPM, threat modeling, a security champions program, and AI-driven automation to prioritize remediation. The initiative reduced duplication, saved developer time, and improved risk visibility across the organization.
read more →

Falcon Complete Hub Unifies MDR Visibility and Action

🛡️ Falcon Complete Hub delivers a unified interface inside the Falcon platform that consolidates Falcon Complete Next‑Gen MDR activities, escalations and expert guidance into a single operational view. It prioritizes critical actions, provides step‑by‑step remediation links and centralizes subscription status, announcements and knowledge resources to reduce decision latency. Backed by a 37‑minute mean time to respond and a four‑minute mean time to detect, the Hub converts MDR visibility into clear operational tasks and faster response.
read more →

Partner-built AI Security Innovations on Google Cloud

🔒 Google Cloud and its partners announced a range of partner-built AI security solutions now available in the Google Cloud Marketplace. These integrations embed Gemini and Vertex AI into partner products — including CrowdStrike, Palo Alto Networks, Fortinet, and others — to protect models, data, applications, and agents. The collaborations emphasize automated detection, incident response, DLP, identity protection, and agent monitoring to reduce mean time to detect and respond, helping customers adopt AI securely.
read more →

CrowdStrike Named Leader in Forrester Wave MDR Europe

🔒 CrowdStrike has been named a Leader in The Forrester Wave™: Managed Detection and Response (MDR) Services in Europe, Q3 2025, receiving the highest possible scores in 16 evaluation criteria spanning detection surfaces, managed response, threat hunting and analyst experience. Falcon Complete Next-Gen MDR combines AI-accelerated detection and investigation with expert-led response across endpoint, cloud, identity and third-party telemetry. The service uses CrowdStrike Charlotte AI to triage alerts and accelerate analysis, and emphasizes end-to-end remediation actions that remove persistence and contain intrusions without costly reimaging. CrowdStrike positions this recognition as validation of its platform-led, AI-plus-human approach to stopping breaches.
read more →

Secure AI at Machine Speed: Full-Stack Enterprise Defense

🔒 CrowdStrike explains how widespread AI adoption expands the enterprise attack surface, exposing models, data pipelines, APIs, and autonomous agents to new adversary techniques. The post argues that legacy controls and fragmented tooling are insufficient and advocates for real-time, full‑stack protections. The Falcon platform is presented as a unified solution offering telemetry, lifecycle protection, GenAI-aware data loss prevention, and agent governance to detect, prevent, and remediate AI-related threats.
read more →