Latest news with #FalconCloudSecurityAIModelScanning
Techday NZ
30-04-2025
- Business
- Techday NZ
CrowdStrike launches unified data protection for AI & cloud
CrowdStrike has introduced a collection of new capabilities aimed at providing real-time data protection across cloud infrastructures, AI models, endpoints, and SaaS applications. The set of products and features includes Falcon Cloud Security AI Model Scanning and AI Security Dashboard, Falcon Data Protection for Cloud and Endpoint, and a new range of SaaS Threat Services. These are designed to address the evolving methods by which adversaries target and extract sensitive information. One of the key advances highlighted by CrowdStrike is Falcon Cloud Security's ability to inspect AI models for malware, backdoors, and other alterations before they are deployed in production environments. Security teams will receive real-time visibility into all AI workloads within the cloud, supporting proactive risk management in an area seeing rapid growth and increasing interest from threat actors. The Falcon Data Protection for Cloud and Endpoint feature seeks to address security gaps by offering runtime data protection for both cloud and endpoint environments. This enables organisations to prevent the exfiltration of encrypted files and mitigates risks related to generative AI–led data leaks as they occur, according to the firm. CrowdStrike also announced SaaS Threat Services that include expert-led assessments and proactive threat detection and response, with the goal of helping organisations identify and mitigate risks stemming from SaaS application misuse or misconfiguration. These services have been designed in response to the growing prevalence of cloud-based attacks which target user identities and enterprise data. Recent cyber incidents have illustrated an adversarial shift from causing disruption to systematically stealing data, typically through exploitation of misconfigured systems and legitimate user credentials. CrowdStrike points to groups such as SCATTERED SPIDER and FAMOUS CHOLLIMA who have used compromised SSO accounts or insider access to extract internal documents, credentials, and intellectual property for extortion or further attack. As generative AI solutions are adopted more widely without adequate security controls, new points of exposure for sensitive data emerge within organisations. "In today's threat landscape, your data isn't just an asset – it's the primary target," said Elia Zaitsev, Chief Technology Officer at CrowdStrike. "Legacy data protection approaches fail because they're fragmented across environments, blind to encrypted exfiltration and incapable of stopping threats in real time. Today, businesses must also contend with employees inadvertently leaking sensitive data to unapproved or misused GenAI tools, adding new layers of risk. With Falcon Data Protection, we are the next chapter of data protection: unified visibility and control across your entire data ecosystem with the real-time protection needed to stop data theft before it happens." The Falcon Data Protection platform is promoted as a way to forgo a patchwork approach that often requires separate endpoint, cloud, and SaaS security solutions. Instead, it delivers comprehensive data protection from a single platform. Among the features are runtime data protection for cloud data at rest and in transit, which uses eBPF technology to identify and prevent unauthorised data movement in real-time across multi-cloud and on-premises environments. The Endpoint – Encryption Detection capability is intended to identify and block unauthorised attempts to archive and exfiltrate sensitive data within encrypted files, including 7zip formats, ahead of their encryption and movement. This, CrowdStrike asserts, helps prevent data theft regardless of the method used by attackers. For generative AI applications, Falcon Data Protection includes GenAI Data Leak Prevention, which applies proprietary Similarity Detection DNA technology. This approach detects sensitive material even if altered or disguised for input into GenAI tools. Enforcement policies can be tailored by content type and data sensitivity label, restricting the flow of sensitive data into both authorised and unauthorised GenAI platforms. Additional enhancements extend protection to macOS environments, aiming for consistent oversight and controls across varied device deployments. Just-in-Time Privileged Access and Identity-Based Threat Detection provide dynamic and situational access controls, as well as integration with broader threat intelligence, to address insider threats and external actors that exploit identity weaknesses. With identity-based attacks and SaaS vulnerabilities increasingly exploited for malicious gain, SaaS Threat Services cover incident response, risk assessments, and tailored guidance to shore up organisational defences for both on-premises and cloud-based data assets.
Techday NZ
30-04-2025
- Business
- Techday NZ
CrowdStrike unveils new AI & cloud tools for cyber defence
CrowdStrike has announced new capabilities intended to enhance security across AI models, cloud environments, data, identities and SaaS applications. The company unveiled advancements to its Falcon cybersecurity platform, which aim to deliver protection for AI models, cloud data, identities and software-as-a-service (SaaS) environments, while providing real-time defence and visibility across hybrid and multi-cloud infrastructures. The newly introduced developments include Falcon Cloud Security AI Model Scanning and an AI Security Dashboard. According to CrowdStrike, these tools allow organisations to detect hidden malware, backdoors and other manipulations within AI models before they reach production, and offer real-time visibility across all AI workloads in cloud settings. CrowdStrike also announced Falcon Data Protection for Cloud and Endpoint, which addresses security gaps by enabling runtime data protection across both cloud and endpoint environments. The company states that this can halt attempts to exfiltrate encrypted data and prevent generative AI-driven data leaks in real time. Additional services include new expert-led SaaS Threat Services, which offer organisations SaaS threat assessments, proactive threat detection, and response to address SaaS-based attacks targeting identities and sensitive data. Elia Zaitsev, Chief Technology Officer at CrowdStrike, commented on the state of the industry and the company's approach: "Cloud security is about more than visibility - it's about full protection and control across multi-cloud environments. The explosion of AI, combined with multi-cloud complexity, has outpaced patchwork tools that can't keep up with today's adversaries, or are limited to single cloud environments." "CrowdStrike is breaking that model. These innovations deliver real-time protection, not just telemetry, across every layer of risk: data, workloads, identities, SaaS and AI. It's what only a unified, AI-native platform can do, and is the difference between watching attacks happen and actually stopping them." CrowdStrike's Falcon Cloud Security platform sets out to secure AI innovation happening in cloud environments. The firm has highlighted its previous work with Falcon Cloud Security AI-SPM and AI Red Team Services, developed to protect cloud infrastructure, systems and models that underpin AI initiatives. The latest developments build on these foundations, providing new tools for detection and mitigation of risks in AI models before they manifest as threats, as well as increased visibility into an organisation's overall AI security posture. The AI Model Scanning feature proactively inspects AI models contained within cloud infrastructure for hidden malware, trojanised models, backdoors and adversarial manipulations, aiming to prevent compromised models from executing or moving to production environments. The feature is powered by CrowdStrike's threat intelligence and permitting security teams to identify and remediate critical risks prior to deployment, block untrusted models, and close potential security gaps before threats can materialise. The AI Security Dashboard is designed to give security teams real-time visibility and centralised control over all AI workloads in the cloud. Utilising agentless monitoring, the dashboard allows detection of shadow AI, enforcement of security policies, and monitoring of sensitive training data, aiming to reduce an organisation's exposure and support compliant adoption of AI technologies. New capabilities announced for cloud identity, data, and SaaS protection include Falcon Data Protection for Cloud, which CrowdStrike says secures cloud data at runtime with real-time monitoring and enforcement enabled by eBPF, preventing unauthorised access and data exposure without impacting system performance. The company also introduced SaaS Threat Services, described as tailored assessments and threat detection for SaaS applications, as well as Falcon Privileged Access, which removes standing privileges and manual access requests to sensitive systems and data through dynamic just-in-time access decisions. CrowdStrike Pulse Services, which are delivered through modular, expert-led engagements, have been added to help organisations prioritise and remediate misconfigurations, manage cloud identities, and reduce attack surfaces. CrowdStrike states that its approach to securing hybrid and multi-cloud environments is to provide unified visibility and control across diverse cloud infrastructure, workloads, applications, identities, data, AI models and SaaS. The company cited the increasing frequency of cloud intrusions, especially those leveraging valid account access, as well as the growing complexity posed by the rise of AI and SaaS solutions. The company's Falcon platform draws on real-time attack indicators, evolving threat intelligence, and telemetry across enterprises to deliver detections, automated response and threat hunting. CrowdStrike says this architecture is intended to provide rapid deployment, protection at scale and reduced complexity for organisations managing critical security requirements in modern cloud environments.
