CrowdStrike, a provider of cloud-delivered endpoint, cloud workload, identity, and data protection, unveiled the industry’s first AI-powered Indicators of Attack (IoAs), as well as new innovations for fileless attack prevention at scale and enhanced visibility for stealthy cloud intrusions.
These new detection and response capabilities, delivered on the CrowdStrike Falcon platform and powered by the CrowdStrike Security Cloud, stop emerging attack techniques and enable organizations to optimize the threat detection and response lifecycle with speed, scale, and accuracy.
CrowdStrike invented IoAs more than a decade ago, ushering in a fundamentally new approach to stopping breaches based on real adversary behavior, regardless of the malware or exploit used in an attack. CrowdStrike has also pushed the boundaries of using AI in cybersecurity to detect and prevent the most advanced and emerging threats. CrowdStrike is now using advanced AI techniques to generate new IoAs at machine speed and scale.
“CrowdStrike leads the way in stopping the most sophisticated attacks with our industry-leading Indicators of Attack capability, which revolutionized how security teams prevent threats based on adversary behavior, not easily changed indicators,” said Amol Kulkarni, chief product and engineering officer at CrowdStrike. “Now, we are changing the game again with the addition of AI-powered Indicators of Attack, which enable organizations to harness the power of the CrowdStrike Security Cloud to examine adversary behavior at machine speed and scale to stop breaches in the most effective way possible.”
The Falcon platform’s new capabilities include:
Organizations are under increasing pressure to defend their expanding attack surfaces against emerging threats and adversary tactics. Organizations can use the Falcon platform to:
Notably, AI-powered IoAs have discovered over 20 previously unseen adversary patterns that have been validated by experts and implemented on the Falcon platform for automated detection and prevention.
According to CrowdStrike’s Global Threat Report for 2022, 62 percent of all attacks are malware-free. These fileless attacks can be executed entirely in memory, leaving a gap that threat actors can exploit. Organizations can use the Falcon platform to:
As Linux environments, data, and applications have moved to the cloud, adversaries have followed to open backdoors, steal sensitive data, and hide their movements. Organizations can use the Falcon platform to:
“Using CrowdStrike sets Cundall apart as one of the more advanced organizations in an industry that typically lags behind other sectors in IT and cybersecurity adoption,” said Lou Lwin, CIO at Cundall. “Today, attacks are becoming more sophisticated and if they are machine-based attacks, there is no way an operator can keep up. The threat landscape is ever-changing. So, you need machine-based defenses and a partner that understands security is not ‘one and done.’ It is evolving all the time.”
According to Forrester, “No security tool can detect every attack. Cybersecurity pits adversaries against defenders. Defensive technologies rely on rules, heuristics, and outliers to find evil. Those technologies lack one essential component that threat hunting introduces: the creativity of the practitioners defending enterprise environments.”
Please visit www.crowdstrike.com/falcon-platform/ for more information on the CrowdStrike Falcon platform.