CrowdStrike Uncovers Advanced Attacks with Falcon

By Greg Tavarez

Indicators of attack, or IoAs, a term CrowdStrike introduced more than a decade ago, brought a new approach to stopping breaches based on real adversary behavior, irrespective of the malware or exploit used in an attack.

CrowdStrike also pushed the boundaries of applying AI in cybersecurity to identify and stop the most advanced, emerging attacks. According to the 2022 CrowdStrike Global Threat Report, almost two-thirds of attacks are malware-free. These fileless attacks can be carried out entirely in memory, creating a blind spot for threat actors to exploit.

Now, CrowdStrike is leveraging powerful AI techniques to create new IoAs at machine speed and scale — new innovations for fileless attack prevention at scale and enhanced visibility for stealthy cloud intrusions. 

Delivered on the CrowdStrike Falcon platform and powered by the CrowdStrike Security Cloud, these new detection and response capabilities stop emerging attack techniques and enable organizations to optimize the threat detection and response lifecycle with speed, scale and accuracy.

With the Falcon platform, organizations:

  • Detect new classes of attacks, faster: Find emerging attack techniques with new IoAs created by continuously learning AI models.
  • Drive automated prevention with high-fidelity detections: Shut down attacks based on a chain of behaviors, irrespective of the specific malware or tools used, with cloud-native AI models constantly delivered to the Falcon agent with newly found IoAs.
  • Activate IoAs at cloud scale, trained on human-led expertise: Synthesize insights with AI-powered IoAs from CrowdStrike’s threat hunting team to minimize false positives, maximize analyst productivity and deploy threat hunting at scale.
  • Prevent the most advanced fileless attacks: Stop advanced persistent threats and prevalent tools with advanced memory scanning techniques that augment AI/ML and IoA detections with fast scanning of all memory at unprecedented scale.
  • Leave bloated memory scanning behind and switch to high-performance memory scanning techniques, optimized for Intel CPU/GPUs.
  • Initiate memory scans on behavior, not a fixed schedule: Automate scans with behavior-based triggers to find and stop fileless attack patterns in real time, not after a potential breach.

“We are changing the game again with the addition of AI-powered indicators of attack, which enable organizations to harness the power of the CrowdStrike Security Cloud to examine adversary behavior at machine speed and scale to stop breaches in the most effective way possible,” said Amol Kulkarni, chief product and engineering officer at CrowdStrike.

The Falcon platform was built in the cloud with a single lightweight-agent architecture to deliver rapid and scalable deployment, protection and performance, reduced complexity and immediate time-to-value.




Edited by Erik Linask

MSPToday Editor
