Reports
AI-generated structured vendor updates
CrowdStrike Uncovers Kerberos Relay Attack via DNS CNAME Abuse
CrowdStrike identified a novel Kerberos relay technique where attackers forge DNS CNAME records to bypass authentication. By exploiting domain resolution vulnerabilities, this method redirects Kerberos traffic to malicious servers, requiring correlation of DNS and authentication logs for detection.
How Charlotte AI Agentworks Fuels Security's Agentic Ecosystem
...
CrowdStrike Launches AI Agent Autonomous Execution Platform AgentWorks
CrowdStrike upgrades Charlotte AI from chatbot to autonomous agent platform. Users can create, orchestrate and deploy AI agents via natural language for security automation. This shifts security operations from manual to agent-driven model.
CrowdStrike Advances AI Agent Ecosystem for Security Automation
CrowdStrike introduces Charlotte AI AgentWorks to build an AI agent ecosystem automating security operations. The platform enables agent collaboration for threat detection and response, improving efficiency and reducing manual efforts.
CrowdStrike Extends Falcon Platform with Data Security Features
CrowdStrike has enhanced its Falcon platform with data security capabilities to secure data at rest and in transit, offering unified protection across all environments regardless of location or movement.
CrowdStrike Extends Platform to Data Security Layer for Unified Protection
CrowdStrike adds Data Security module to Falcon platform, offering data discovery, classification, and real-time protection for endpoints, cloud, and SaaS. Integrates data security posture management with existing EDR via unified console to prevent data exfiltration.
CrowdStrike Launches Agentic MDR Service Powered by AI Agents
CrowdStrike introduces Agentic MDR service automating security operations through AI agents. The service integrates Falcon platform, Charlotte AI and professional teams for end-to-end automated operations from investigation to remediation.
CrowdStrike CNAPP Integrates Threat Intelligence for Risk Prioritization
CrowdStrike adds threat intelligence-based risk prioritization to CNAPP, correlating cloud risks with known adversary TTPs. Integrated with Falcon platform data, it enables security teams to prioritize vulnerabilities and misconfigurations linked to active threat actors.
CrowdStrike Launches On-Demand Security Expert Service Subscription
CrowdStrike extends its Falcon platform subscription model to professional services with Flex for Services. The offering provides on-demand access to elite security experts for threat hunting, incident response without long-term contracts. This moves product-level threat intelligence advantages to service delivery.
CrowdStrike Integrates Adversary-Informed Risk Prioritization into CNAPP
CrowdStrike has added industry-first adversary-informed risk prioritization to its Cloud Native Application Protection Platform (CNAPP), leveraging Threat Graph data to automate identification of high-risk security events and optimize SOC resource allocation.
CrowdStrike Reconstructs SOC Architecture with AI Agents
CrowdStrike's Agentic MDR service enables closed-loop detection-investigation-response via AI agents, transforming human-driven SOC into autonomous Agentic SOC architecture with deployable technical blueprint.
CrowdStrike Falcon SIEM Integrates Third-Party EDR, First with Microsoft Defender
CrowdStrike extends Falcon Next-Gen SIEM to integrate third-party EDR tools, starting with Microsoft Defender for Endpoint. Customers can now ingest Defender telemetry into Falcon SIEM, breaking the traditional same-vendor SIEM-EDR requirement.
CrowdStrike Launches AI Agent Security and Shadow AI Governance Solutions
CrowdStrike launched Falcon for AI Security for runtime protection of AI agents, and Falcon Exposure Management for AI to govern shadow AI applications. The solutions cover endpoints, SaaS, and cloud environments, aiming for full lifecycle security of AI applications.
CrowdStrike Expands Falcon SIEM to Support Third-Party EDR Tools
CrowdStrike has added support for third-party EDR tools to its next-gen SIEM, Falcon, starting with Microsoft Defender. This enables cross-vendor security data integration, improving incident response efficiency and reducing deployment complexity for enterprises.
CrowdStrike Innovations for Securing AI Agents and Shadow AI
CrowdStrike introduces new capabilities to secure AI agents and govern shadow AI across endpoints, SaaS, and cloud. This innovation extends unified security controls to address unauthorized AI usage threats, enhancing enterprise AI security architecture.
CrowdStrike Discloses Tycoon2FA Phishing-as-a-Service Platform Remains Active
CrowdStrike's threat intelligence team reveals Tycoon2FA Phishing-as-a-Service platform uses reverse proxy architecture to intercept user sessions in real-time, bypassing two-factor authentication. The service operates on a subscription model offering customized phishing pages and automated tools, linked to multiple attack campaigns.
CrowdStrike Discloses GitHub Actions Supply Chain Attack
CrowdStrike's threat intelligence team exposed a supply chain attack on Trivy's GitHub Action, where hijacked accounts injected malware to steal credentials. The incident highlights critical risks in CI/CD third-party dependencies, urging enhanced security reviews and runtime monitoring of Actions.
CrowdStrike and NVIDIA Integrate AI Agent Security Solution
CrowdStrike integrates Falcon AIDR with NVIDIA NeMo Guardrails to provide end-to-end protection for custom AI agents, from policy setting to runtime monitoring. The solution addresses core risks like prompt injection and data leakage through closed-loop security control.
CrowdStrike Integrates XIoT Security Module into Government Platform
CrowdStrike adds XIoT security module to its Falcon Platform for Government, providing integrated visibility and threat detection for OT, IoT, and IIoT assets. The solution uses lightweight sensor technology without requiring additional agents, reducing security complexity for critical infrastructure.
CrowdStrike Launches Cloud-Native Containerized Platform Falcon Raptor for Critical Infrastructure Protection
CrowdStrike launched Falcon Raptor, a cloud-native containerized platform designed for air-gapped and critical systems, integrating next-gen AV, vulnerability management, and threat hunting. It supports offline updates via USB and is paired with a government-focused Falcon Nation Suite.