Reports
AI-generated structured vendor updates
NVIDIA Launches OpenShell, Establishing Runtime Sandbox for Secure Autonomous AI Agents
NVIDIA introduces OpenShell, an open-source project designed as a secure-by-design runtime for autonomous AI agents. It employs a "browser tab" model, isolating agent operations from policy enforcement at the system level to prevent policy overrides and data leaks. NVIDIA is collaborating with key security vendors to establish a unified policy layer for enterprise AI agents.
NVIDIA Launches OpenShell Open-Source Runtime for AI Agent Security Isolation
NVIDIA introduces OpenShell open-source runtime providing system-level sandbox isolation for autonomous AI agents, separating application operations from infrastructure policy enforcement. Partners with Cisco, Google Cloud to establish unified runtime policy management. Releases NemoClaw reference stack for simplified deployment.
CrowdStrike Innovations for Securing AI Agents and Shadow AI
CrowdStrike introduces new capabilities to secure AI agents and govern shadow AI across endpoints, SaaS, and cloud. This innovation extends unified security controls to address unauthorized AI usage threats, enhancing enterprise AI security architecture.
CrowdStrike Expands Falcon SIEM to Support Third-Party EDR Tools
CrowdStrike has added support for third-party EDR tools to its next-gen SIEM, Falcon, starting with Microsoft Defender. This enables cross-vendor security data integration, improving incident response efficiency and reducing deployment complexity for enterprises.
CrowdStrike Launches AI Agent Security and Shadow AI Governance Solutions
CrowdStrike launched Falcon for AI Security for runtime protection of AI agents, and Falcon Exposure Management for AI to govern shadow AI applications. The solutions cover endpoints, SaaS, and cloud environments, aiming for full lifecycle security of AI applications.
CrowdStrike Falcon SIEM Integrates Third-Party EDR, First with Microsoft Defender
CrowdStrike extends Falcon Next-Gen SIEM to integrate third-party EDR tools, starting with Microsoft Defender for Endpoint. Customers can now ingest Defender telemetry into Falcon SIEM, breaking the traditional same-vendor SIEM-EDR requirement.
CrowdStrike Discloses GitHub Actions Supply Chain Attack
CrowdStrike's threat intelligence team exposed a supply chain attack on Trivy's GitHub Action, where hijacked accounts injected malware to steal credentials. The incident highlights critical risks in CI/CD third-party dependencies, urging enhanced security reviews and runtime monitoring of Actions.
CrowdStrike Discloses Tycoon2FA Phishing-as-a-Service Platform Remains Active
CrowdStrike's threat intelligence team reveals Tycoon2FA Phishing-as-a-Service platform uses reverse proxy architecture to intercept user sessions in real-time, bypassing two-factor authentication. The service operates on a subscription model offering customized phishing pages and automated tools, linked to multiple attack campaigns.
CrowdStrike and NVIDIA Integrate AI Agent Security Solution
CrowdStrike integrates Falcon AIDR with NVIDIA NeMo Guardrails to provide end-to-end protection for custom AI agents, from policy setting to runtime monitoring. The solution addresses core risks like prompt injection and data leakage through closed-loop security control.
CrowdStrike Launches Cloud-Native Containerized Platform Falcon Raptor for Critical Infrastructure Protection
CrowdStrike launched Falcon Raptor, a cloud-native containerized platform designed for air-gapped and critical systems, integrating next-gen AV, vulnerability management, and threat hunting. It supports offline updates via USB and is paired with a government-focused Falcon Nation Suite.
CrowdStrike Integrates XIoT Security Module into Government Platform
CrowdStrike adds XIoT security module to its Falcon Platform for Government, providing integrated visibility and threat detection for OT, IoT, and IIoT assets. The solution uses lightweight sensor technology without requiring additional agents, reducing security complexity for critical infrastructure.
Check Point Integrates Email Security Telemetry with CrowdStrike Falcon
Check Point integrates security telemetry from its Harmony Email & Collaboration solution into CrowdStrike Falcon Next-Gen SIEM platform, enabling automated flow of email security event data. The integration covers detailed information on advanced threats, phishing, and malware attacks, supporting correlated analysis in a unified console for SOC teams.
CrowdStrike Deep Integrates Generative AI into Security Operations Workflow
CrowdStrike's Charlotte AI platform enables natural language interaction for threat investigation, automated incident response, and security posture analysis. It generates remediation playbooks automatically, reducing operational complexity and improving SOC team efficiency, representing a shift towards intelligent security assistants.
CrowdStrike Enhances macOS Sensor Network Visibility
CrowdStrike added network connection monitoring to its Falcon macOS sensor, capturing source/destination IPs, ports, and process correlations. This delivers Windows/Linux-level EDR visibility for threat detection against fileless attacks and lateral movement. The update aligns with unified cross-platform security strategy for hybrid Apple device protection.
CrowdStrike Extends XIoT Security to Healthcare with Vertical Focus
CrowdStrike tailored its Falcon for XIoT solution for healthcare environments, using a single lightweight agent for device discovery, vulnerability prioritization and behavior-based threat detection. The solution features non-disruptive deployment to avoid impacting critical medical equipment.
CrowdStrike Unifies SIEM and XDR Data Layers Through Single Agent Architecture
CrowdStrike integrates native log collection into Falcon Next-Gen SIEM, leveraging existing Falcon sensors to capture security logs from endpoints, workloads and cloud environments. This eliminates the need for separate log forwarders, reducing data onboarding from weeks to seconds while cutting operational overhead and attack surface.
CrowdStrike Launches Phishing-Resistant MFA for Identity Platform
CrowdStrike introduces FalconID with FIDO2/WebAuthn standards for phishing-resistant MFA, integrated with Falcon platform for contextual risk analysis. This represents strategic expansion from endpoint to identity protection.
CrowdStrike Analyzes Evolution of Typosquatting Attack Techniques
CrowdStrike's threat intelligence team published a report detailing how threat actors are refining typosquatting techniques using homoglyphs and complex subdomain strategies to evade detection. These attacks are commonly used for initial access by mimicking legitimate sites to lure users into downloading malware.
CrowdStrike Falcon Data Protection: Stopping GenAI Data Leaks
CrowdStrike launches Falcon Data Protection with four key innovations: GenAI data protection, unified detection, AI classification, and insider threat dashboard.
CrowdStrike Falcon Data Protection Unified Solution: Stopping GenAI Data Leaks
CrowdStrike launches Falcon Data Protection unified solution with four key innovations: GenAI data protection, unified detection, AI-powered classification, and insider threat dashboard. Solution covers browsers, local apps, Shadow AI services, and cloud data flows with 10x detection breadth. Partnership with Intel for AI-powered precision classification at device layer. Average insider threat costs organizations $17.4M.