CrowdStrike unveils new AI & cloud tools for cyber defence

Techday NZ

30-04-2025

CrowdStrike has announced new capabilities intended to enhance security across AI models, cloud environments, data, identities and SaaS applications.
The company unveiled advancements to its Falcon cybersecurity platform, which aim to deliver protection for AI models, cloud data, identities and software-as-a-service (SaaS) environments, while providing real-time defence and visibility across hybrid and multi-cloud infrastructures.
The newly introduced developments include Falcon Cloud Security AI Model Scanning and an AI Security Dashboard. According to CrowdStrike, these tools allow organisations to detect hidden malware, backdoors and other manipulations within AI models before they reach production, and offer real-time visibility across all AI workloads in cloud settings.
CrowdStrike also announced Falcon Data Protection for Cloud and Endpoint, which addresses security gaps by enabling runtime data protection across both cloud and endpoint environments. The company states that this can halt attempts to exfiltrate encrypted data and prevent generative AI-driven data leaks in real time.
Additional services include new expert-led SaaS Threat Services, which offer organisations SaaS threat assessments, proactive threat detection, and response to address SaaS-based attacks targeting identities and sensitive data.
Elia Zaitsev, Chief Technology Officer at CrowdStrike, commented on the state of the industry and the company's approach: "Cloud security is about more than visibility - it's about full protection and control across multi-cloud environments. The explosion of AI, combined with multi-cloud complexity, has outpaced patchwork tools that can't keep up with today's adversaries, or are limited to single cloud environments."
"CrowdStrike is breaking that model. These innovations deliver real-time protection, not just telemetry, across every layer of risk: data, workloads, identities, SaaS and AI. It's what only a unified, AI-native platform can do, and is the difference between watching attacks happen and actually stopping them."
CrowdStrike's Falcon Cloud Security platform sets out to secure AI innovation happening in cloud environments. The firm has highlighted its previous work with Falcon Cloud Security AI-SPM and AI Red Team Services, developed to protect cloud infrastructure, systems and models that underpin AI initiatives. The latest developments build on these foundations, providing new tools for detection and mitigation of risks in AI models before they manifest as threats, as well as increased visibility into an organisation's overall AI security posture.
The AI Model Scanning feature proactively inspects AI models contained within cloud infrastructure for hidden malware, trojanised models, backdoors and adversarial manipulations, aiming to prevent compromised models from executing or moving to production environments. The feature is powered by CrowdStrike's threat intelligence and ExPRT.AI, permitting security teams to identify and remediate critical risks prior to deployment, block untrusted models, and close potential security gaps before threats can materialise.
The AI Security Dashboard is designed to give security teams real-time visibility and centralised control over all AI workloads in the cloud. Utilising agentless monitoring, the dashboard allows detection of shadow AI, enforcement of security policies, and monitoring of sensitive training data, aiming to reduce an organisation's exposure and support compliant adoption of AI technologies.
New capabilities announced for cloud identity, data, and SaaS protection include Falcon Data Protection for Cloud, which CrowdStrike says secures cloud data at runtime with real-time monitoring and enforcement enabled by eBPF, preventing unauthorised access and data exposure without impacting system performance.
The company also introduced SaaS Threat Services, described as tailored assessments and threat detection for SaaS applications, as well as Falcon Privileged Access, which removes standing privileges and manual access requests to sensitive systems and data through dynamic just-in-time access decisions. CrowdStrike Pulse Services, which are delivered through modular, expert-led engagements, have been added to help organisations prioritise and remediate misconfigurations, manage cloud identities, and reduce attack surfaces.
CrowdStrike states that its approach to securing hybrid and multi-cloud environments is to provide unified visibility and control across diverse cloud infrastructure, workloads, applications, identities, data, AI models and SaaS. The company cited the increasing frequency of cloud intrusions, especially those leveraging valid account access, as well as the growing complexity posed by the rise of AI and SaaS solutions.
The company's Falcon platform draws on real-time attack indicators, evolving threat intelligence, and telemetry across enterprises to deliver detections, automated response and threat hunting. CrowdStrike says this architecture is intended to provide rapid deployment, protection at scale and reduced complexity for organisations managing critical security requirements in modern cloud environments.