Latest news with #FalconAdversaryIntelligence


Techday NZ
06-08-2025
CrowdStrike unveils AI-driven updates to Falcon threat intelligence
CrowdStrike has announced the latest release of Falcon Adversary Intelligence, providing real-time, personalised threat intelligence embedded into security operations centre workflows. The new version of Falcon Adversary Intelligence aims to align threat intelligence with each customer's environment, exposures, and detections, operationalising intelligence at scale for improved detection, hunting and response.

CrowdStrike has a history of tracking over 265 nation-state, eCrime and hacktivist groups globally. Its current offering seeks to address the challenge security teams face with fragmented intelligence across disconnected tools and the lack of context needed to understand how adversary threats apply to an organisation's specific risk profile and technology stack.

The company stated that adversaries are growing in sophistication, leveraging artificial intelligence to accelerate attacks while also targeting AI-supported business operations. The latest update of Falcon Adversary Intelligence is designed to address these developments by replacing fragmented intelligence tools and static feeds with a personalised approach that uses the Falcon platform's first-party telemetry. This system prioritises and personalises intelligence according to each organisation's unique environment and risk factors.

Key features

Among the main features introduced is automated onboarding and intelligent rule creation. The system integrates infrastructure mapping and utilises knowledge from across the Falcon platform to deliver customer-specific intelligence. This includes reporting on relevant threats and trends, monitoring dark web activities, and highlighting information according to industry, technology stack, and detection data.

Platform-driven prioritisation is another component, generating contextual threat profiles that reflect real-time detections, known exposures, and company profiles. For example, if a new threat targets a specific industry, the system automatically elevates its priority, providing in-depth threat profiles, Tactics, Techniques, and Procedures, targeting patterns, and related intrusion information to support rapid decision-making by analysts.

The release also introduces Threat Hunting Guides within Falcon Adversary Intelligence Premium. These guides allow analysts to shift directly from threat insights to targeted investigations across their environments. With prebuilt queries and guided workflows, analysts can avoid time-consuming manual research, reducing investigations from as many as 15 steps to just a few clicks. When used with Falcon Next-Gen SIEM, the platform's click-to-hunt capabilities are intended to further reduce manual effort and enable faster response to emerging threats.

Additionally, Intelligence Explorer provides analysts with a consolidated workspace to investigate threats, cross-reference adversary context, and correlate detection results within a single view for streamlined operations.

"Today's adversaries are treating speed and stealth like weapons, using GenAI, cross-domain attacks, and targeted social engineering to move faster than ever while staying undetected," said Adam Meyers, Head of Counter Adversary Operations at CrowdStrike. "Threat intelligence can't just inform – it has to drive action. This is a smarter, more dynamic way to deliver intel aligned to each customer's environment. By boosting relevance, accelerating response, and delivering real operational ROI, analysts can act faster, hunt smarter, and stay ahead of today's most sophisticated threats."

The approach taken by Falcon Adversary Intelligence is intended to increase the relevance and timeliness of data available to security analysts, replacing manual workflows with automation where possible and reducing investigation time. The system continually adapts based on live data from the client's environment, supporting prioritisation of threats that are most pertinent to each organisation's exposures and operations.

CrowdStrike highlighted its intention for the Falcon platform to contribute to more effective and context-driven threat defence as adversaries escalate the use of automation and AI in their attacks against enterprise environments. The company reports that these updates are now available to customers, enabling security teams to access real-time intelligence and workflow support within the Falcon ecosystem.


Business Wire
05-08-2025
CrowdStrike Delivers a New Era of Operational Threat Intelligence, Personalized to Each Customer Environment
AUSTIN, Texas--(BUSINESS WIRE)-- Black Hat USA 2025, Las Vegas – CrowdStrike (NASDAQ: CRWD) today introduced a breakthrough in how organizations consume and act on threat intelligence: delivering real-time, personalized adversary insights into analyst workflows and aligning threat intelligence to each customer's environment, exposures, and detections. CrowdStrike has long set the industry standard for adversary intelligence, tracking more than 265 of the world's most sophisticated nation-state, eCrime and hacktivist groups. This latest release of CrowdStrike Falcon® Adversary Intelligence operationalizes threat intelligence at scale, turning elite adversary insights into immediate, decisive action.

Security teams are overwhelmed by fragmented intelligence spread across disconnected tools, lacking the context required to rapidly understand how the adversary threat applies to their organization's unique risk profile and technology environment. At the same time, adversaries continue to grow in sophistication, weaponizing AI to accelerate attacks at scale, while also targeting the AI systems and autonomous agents driving modern business operations. Defenders need intelligence that is accurate and hyper relevant to their unique environments – available to them in real-time.

Falcon Adversary Intelligence replaces fragmented tools, static feeds, and manual research with customized intelligence driven by the CrowdStrike Falcon® platform's first-party telemetry. By combining a deep understanding of adversary tradecraft with real-time insight into each customer's assets, exposures, and detections, CrowdStrike uniquely delivers prioritized, high-fidelity intelligence personalized to each organization's unique risk profile.

CrowdStrike is transforming the way organizations consume and operationalize threat intelligence through:

- Automated Onboarding and Intelligent Rule Creation: Using infrastructure mapping and other customer knowledge from across the Falcon platform, the system dynamically leverages each organization's risk profile to deliver personalized intelligence – reporting on relevant threats and trends, tracking activity on the dark web, and surfacing the most relevant information based on industry, tech stack, and detections.
- Platform-driven Prioritization with Contextual Threat Profiles: Threats are prioritized based on real-time detections, active exposures, and company profile. For example, when a new threat is identified targeting a customer's industry – including the adversary behind it, recent campaigns, and recommended response – it is automatically elevated. Each threat includes a high-fidelity profile with attribution, TTPs, targeting patterns, and intrusion sets, giving analysts the full context to act quickly and decisively.
- Threat Hunting Guides: Available in Falcon Adversary Intelligence Premium, analysts can now pivot instantly from insights to targeted Hunting Guides to detect a threat across their environment. Prebuilt queries and guided workflows – directly linked with intelligence – eliminate the need to manually research adversaries, build queries, or stitch together context, reducing a 10–15 step investigation to a few clicks. When paired with Falcon® Next-Gen SIEM, click-to-hunt workflows further reduce manual effort and enable rapid, informed response to emerging threats.
- Intelligence Built for SOC Workflows: Intelligence Explorer provides a unified workspace to investigate threats, pivot across adversary context, and correlate detections in one view.

'Today's adversaries are treating speed and stealth like weapons, using GenAI, cross-domain attacks, and targeted social engineering to move faster than ever while staying undetected,' said Adam Meyers, head of counter adversary operations at CrowdStrike. 'Threat intelligence can't just inform – it has to drive action. This is a smarter, more dynamic way to deliver intel aligned to each customer's environment. By boosting relevance, accelerating response, and delivering real operational ROI, analysts can act faster, hunt smarter, and stay ahead of today's most sophisticated threats.'

For more information, read our blog, visit us online, or stop by the CrowdStrike Black Hat booth #2733.

About CrowdStrike

CrowdStrike (NASDAQ: CRWD), a global cybersecurity leader, has redefined modern security with the world's most advanced cloud-native platform for protecting critical areas of enterprise risk – endpoints and cloud workloads, identity and data. Powered by the CrowdStrike Security Cloud and world-class AI, the CrowdStrike Falcon® platform leverages real-time indicators of attack, threat intelligence, evolving adversary tradecraft and enriched telemetry from across the enterprise to deliver hyper-accurate detections, automated protection and remediation, elite threat hunting and prioritized observability of vulnerabilities. Purpose-built in the cloud with a single lightweight-agent architecture, the Falcon platform delivers rapid and scalable deployment, superior protection and performance, reduced complexity and immediate time-to-value.

CrowdStrike: We stop breaches.

© 2025 CrowdStrike, Inc. All rights reserved. CrowdStrike and CrowdStrike Falcon are marks owned by CrowdStrike, Inc. and are registered in the United States and other countries. CrowdStrike owns other trademarks and service marks and may use the brands of third parties to identify their products and services.