Latest news with #SCATTEREDSPIDER


Techday NZ
30-04-2025
CrowdStrike launches unified data protection for AI & cloud
CrowdStrike has introduced a collection of new capabilities aimed at providing real-time data protection across cloud infrastructures, AI models, endpoints, and SaaS applications. The set of products and features includes Falcon Cloud Security AI Model Scanning and AI Security Dashboard, Falcon Data Protection for Cloud and Endpoint, and a new range of SaaS Threat Services. These are designed to address the evolving methods by which adversaries target and extract sensitive information.

One of the key advances highlighted by CrowdStrike is Falcon Cloud Security's ability to inspect AI models for malware, backdoors, and other alterations before they are deployed in production environments. Security teams will receive real-time visibility into all AI workloads within the cloud, supporting proactive risk management in an area seeing rapid growth and increasing interest from threat actors.

The Falcon Data Protection for Cloud and Endpoint feature seeks to address security gaps by offering runtime data protection for both cloud and endpoint environments. This enables organisations to prevent the exfiltration of encrypted files and mitigates risks related to generative AI–led data leaks as they occur, according to the firm.

CrowdStrike also announced SaaS Threat Services that include expert-led assessments and proactive threat detection and response, with the goal of helping organisations identify and mitigate risks stemming from SaaS application misuse or misconfiguration. These services have been designed in response to the growing prevalence of cloud-based attacks which target user identities and enterprise data.

Recent cyber incidents have illustrated an adversarial shift from causing disruption to systematically stealing data, typically through exploitation of misconfigured systems and legitimate user credentials. CrowdStrike points to groups such as SCATTERED SPIDER and FAMOUS CHOLLIMA who have used compromised SSO accounts or insider access to extract internal documents, credentials, and intellectual property for extortion or further attack. As generative AI solutions are adopted more widely without adequate security controls, new points of exposure for sensitive data emerge within organisations.

"In today's threat landscape, your data isn't just an asset – it's the primary target," said Elia Zaitsev, Chief Technology Officer at CrowdStrike. "Legacy data protection approaches fail because they're fragmented across environments, blind to encrypted exfiltration and incapable of stopping threats in real time. Today, businesses must also contend with employees inadvertently leaking sensitive data to unapproved or misused GenAI tools, adding new layers of risk. With Falcon Data Protection, we are the next chapter of data protection: unified visibility and control across your entire data ecosystem with the real-time protection needed to stop data theft before it happens."

The Falcon Data Protection platform is promoted as a way to forgo a patchwork approach that often requires separate endpoint, cloud, and SaaS security solutions. Instead, it delivers comprehensive data protection from a single platform. Among the features are runtime data protection for cloud data at rest and in transit, which uses eBPF technology to identify and prevent unauthorised data movement in real-time across multi-cloud and on-premises environments.

The Endpoint – Encryption Detection capability is intended to identify and block unauthorised attempts to archive and exfiltrate sensitive data within encrypted files, including 7zip formats, ahead of their encryption and movement. This, CrowdStrike asserts, helps prevent data theft regardless of the method used by attackers.

For generative AI applications, Falcon Data Protection includes GenAI Data Leak Prevention, which applies proprietary Similarity Detection DNA technology. This approach detects sensitive material even if altered or disguised for input into GenAI tools. Enforcement policies can be tailored by content type and data sensitivity label, restricting the flow of sensitive data into both authorised and unauthorised GenAI platforms.

Additional enhancements extend protection to macOS environments, aiming for consistent oversight and controls across varied device deployments. Just-in-Time Privileged Access and Identity-Based Threat Detection provide dynamic and situational access controls, as well as integration with broader threat intelligence, to address insider threats and external actors that exploit identity weaknesses.

With identity-based attacks and SaaS vulnerabilities increasingly exploited for malicious gain, SaaS Threat Services cover incident response, risk assessments, and tailored guidance to shore up organisational defences for both on-premises and cloud-based data assets.
Yahoo
29-04-2025
CrowdStrike Unveils Unified Data Protection to Secure Data Across Endpoints, Cloud, GenAI and SaaS
New Falcon Data Protection innovations stop encrypted file exfiltration, GenAI data leaks and SaaS misconfigurations, closing critical gaps attackers exploit to steal sensitive data

AUSTIN, Texas & SAN FRANCISCO, April 29, 2025--(BUSINESS WIRE)--RSA 2025 – CrowdStrike (NASDAQ: CRWD) today announced new Falcon® Data Protection innovations, enabling security teams to protect sensitive data across endpoints, cloud environments and GenAI and SaaS applications to prevent exfiltration by insiders and identity-based attackers. With these innovations, the CrowdStrike Falcon® cybersecurity platform empowers teams to replace legacy DLP solutions that require separate tools for endpoint and cloud with real-time, unified protection from a single platform.

Data is Now a Primary Adversary Target

Adversaries are shifting from disruption to data theft, targeting misconfigurations and trusted identities to exfiltrate sensitive information and fuel downstream attacks. Groups like SCATTERED SPIDER compromise SSO accounts to harvest SharePoint and Outlook passwords, VPN instructions and internal documents to aid lateral movement and extortion. Others, like FAMOUS CHOLLIMA, gain insider access to company-issued endpoints and cloud environments, using remote access tools to steal intellectual property and customer data. As GenAI adoption accelerates, misconfigured applications and unsecured usage are creating new vectors for data exposure. CrowdStrike is closing the gaps adversaries exploit to steal data by protecting sensitive information across modern hybrid environments.

"In today's threat landscape, your data isn't just an asset – it's the primary target," said Elia Zaitsev, chief technology officer, CrowdStrike. "Legacy data protection approaches fail because they're fragmented across environments, blind to encrypted exfiltration and incapable of stopping threats in real time. Today, businesses must also contend with employees inadvertently leaking sensitive data to unapproved or misused GenAI tools, adding new layers of risk. With Falcon Data Protection, we are the next chapter of data protection: unified visibility and control across your entire data ecosystem with the real-time protection needed to stop data theft before it happens."

Transforming Data Protection Requires a Unified Platform

Falcon Data Protection eliminates the need for separate, piecemeal endpoint, cloud and SaaS security tools by providing comprehensive protection through a single platform. Key innovations include:

Runtime Cloud Data Protection
- Falcon Data Protection for Cloud: Delivers runtime protection for cloud data at rest and in motion, leveraging eBPF to detect and block unauthorized data movements in real time, without slowing systems down. Provides a single view of data flows across on-premises and multi-cloud environments.

Industry-First Encrypted Exfiltration Prevention
- Falcon Data Protection for Endpoint – Encryption Detection: Revolutionary capability that inspects sensitive data within encrypted archives like 7zip files as they're created – identifying and automatically blocking data theft attempts before files are locked and exfiltrated.

Complete GenAI Data Security
- Falcon Data Protection for Endpoint – GenAI Data Leak Prevention: Uses proprietary Similarity Detection DNA technology to recognize sensitive content even when modified or repackaged for GenAI tool upload. Enforces policies by content type, source or sensitivity label – preventing inadvertent exposure of sensitive information while blocking data leakage across both managed and unmanaged GenAI applications.

Comprehensive Coverage Expansion
- Falcon Data Protection for Endpoint – macOS Expanded Protection: Extends unified data protection to macOS environments, delivering consistent visibility and enforcement across diverse endpoint fleets.
- SaaS Threat Services: Provides expert-led hunting, assessment and response for SaaS security threats that could compromise sensitive data.
- Falcon Privileged Access: Dynamically eliminates standing privileges to sensitive data, granting Just-in-Time elevated access only when needed and under secure conditions.
- Identity-Based Threat Detection: Combines Falcon® Next-Gen SIEM and Falcon® Identity Protection to rapidly detect and neutralize identity-based threats targeting sensitive data.
- CrowdStrike Pulse Services: Delivers ongoing, customized security guidance to strengthen data protection across on-premises and cloud environments.

About CrowdStrike

CrowdStrike (NASDAQ: CRWD), a global cybersecurity leader, has redefined modern security with the world's most advanced cloud-native platform for protecting critical areas of enterprise risk – endpoints and cloud workloads, identity and data. Powered by the CrowdStrike Security Cloud and world-class AI, the CrowdStrike Falcon® platform leverages real-time indicators of attack, threat intelligence, evolving adversary tradecraft and enriched telemetry from across the enterprise to deliver hyper-accurate detections, automated protection and remediation, elite threat hunting and prioritized observability of vulnerabilities. Purpose-built in the cloud with a single lightweight-agent architecture, the Falcon platform delivers rapid and scalable deployment, superior protection and performance, reduced complexity and immediate time-to-value. CrowdStrike: We stop breaches.

© 2025 CrowdStrike, Inc. All rights reserved. CrowdStrike and CrowdStrike Falcon are marks owned by CrowdStrike, Inc. and are registered in the United States and other countries. CrowdStrike owns other trademarks and service marks and may use the brands of third parties to identify their products and services.


Zawya
23-04-2025
CrowdStrike unveils Falcon Privileged Access
Falcon platform secures the entire identity attack lifecycle – from initial access to privilege escalation and lateral movement – across hybrid environments; extends Charlotte AI Agentic Detection Triage to identity-based attacks

Dubai, UAE – CrowdStrike (NASDAQ: CRWD) today announced the general availability of Falcon® Privileged Access, a new module within Falcon® Identity Protection. With unified privileged access controls, the AI-native CrowdStrike Falcon® cybersecurity platform is the only platform that secures the entire identity attack lifecycle – from initial compromise to privilege escalation and lateral movement – across hybrid environments. The company also extended breakthrough automation capabilities for Charlotte AI Agentic Detection Triage and Falcon® Next-Gen SIEM to accelerate response to identity-based attacks. These innovations empower organizations to move beyond fragmented legacy tools and unify end-to-end identity security across on-premises Active Directory, cloud-based identity providers and SaaS applications with AI-powered platform protection.

'Identity is under relentless attack, and adversaries are going straight for the keys to the kingdom – privileged access,' said Michael Sentonas, president of CrowdStrike. 'From social engineering to sophisticated insider abuse, they're escalating privileges to access the most sensitive systems and data. With Falcon Privileged Access, we're leveraging the power of the Falcon platform to eliminate standing privileges and make real-time, risk-aware access decisions. This latest innovation sets a new standard for end-to-end identity security, securing customers against persistent identity-based threats.'

Seventy-nine percent of attacks to gain initial access are malware-free, as adversaries exploit trusted identities to infiltrate organizations undetected and move laterally to reach high-value targets. Groups like SCATTERED SPIDER use stolen credentials and social engineering, manipulating IT help desks to grant unauthorized access to targeted accounts. Others, like FAMOUS CHOLLIMA, embed malicious insiders equipped with company-issued laptops preloaded with remote access tools and registering their own MFA devices to escalate privileges. Stopping these threats requires live attack signals – like compromised credentials and risky device behavior – and the ability to assess risk and revoke access in real time.

As a native part of the Falcon platform, Falcon Privileged Access uses real-time signals from endpoints/devices, industry-leading threat intelligence and advanced AI trained on trillions of security events to analyze user behavior and privilege status, and dynamically grant, block or revoke access. Paired with Falcon Identity Protection's advanced capabilities for initial access prevention and identity threat detection and response (ITDR), CrowdStrike secures the entire identity attack lifecycle across hybrid environments.

New features and benefits include:

- Just-in-Time Privileged Access: Eliminates standing privileges and manual requests with dynamic, risk-aware access decisions. CrowdStrike ensures users only receive elevated permissions when they need them, and only under secure conditions. Real-time risk signals from the Falcon platform continuously assess user and device context, instantly revoking access if risk levels change. Just-in-Time Access complements broader Privileged Access Management (PAM) capabilities – including password vaulting and session recording – by delivering real-time visibility and dynamic policy enforcement from a unified platform that secures the identity attack lifecycle.
- Agentic Detection Triage for Identity-Based Attacks: CrowdStrike is bringing the power of agentic AI to Falcon Identity Protection with Charlotte AI Agentic Detection Triage, autonomously triaging cross-domain attack detections with over 98% accuracy [1] to rapidly prioritize the most critical threats.
- Unified Identity Security and Next-Gen SIEM: The combination of Falcon Identity Protection and Falcon Next-Gen SIEM enables security teams to detect and prioritize identity-based threats in real time, while Falcon Fusion SOAR automates Active Directory actions – like disabling compromised accounts and MFA enforcement – to respond at machine speed.

To help customers strengthen their overall cybersecurity posture, CrowdStrike also unveiled CrowdStrike Pulse Services, an expert-led engagement program designed to reduce active risk and accelerate security program maturity. Specifically for identity-focused use cases, customers can leverage Pulse Services for cloud configuration assessments, identity policy reviews and identity threat protection optimization. These ongoing, outcome-focused and bite-sized sessions help teams uncover misconfigurations, enforce least privilege and fine-tune defenses to stop credential abuse.

Falcon Privileged Access is now generally available.

[1] Accuracy rating is a measure of Charlotte AI triage decisions that match the expert decisions from the CrowdStrike Falcon Complete Next-Gen MDR team.


Techday NZ
23-04-2025
CrowdStrike launches Falcon Privileged Access to block threats
CrowdStrike has announced the general availability of Falcon Privileged Access, a new module designed to bolster identity security within the Falcon Identity Protection solution. The latest addition to CrowdStrike's AI-native cybersecurity platform offers unified privileged access controls and claims to secure the entire identity attack lifecycle, spanning from initial compromise to privilege escalation and lateral movement across hybrid IT environments.

CrowdStrike disclosed that the company has also extended its automation capabilities for Charlotte AI Agentic Detection Triage and Falcon Next-Gen SIEM, which are aimed at enhancing detection and response efficiency for identity-based attacks. These combined solutions allow organisations to move away from fragmented legacy systems and unify end-to-end identity security across on-premises Active Directory implementations, cloud-based identity providers, and SaaS applications.

Michael Sentonas, President of CrowdStrike, commented on the ongoing nature of identity-based threats, stating: "Identity is under relentless attack, and adversaries are going straight for the keys to the kingdom – privileged access. From social engineering to sophisticated insider abuse, they're escalating privileges to access the most sensitive systems and data. With Falcon Privileged Access, we're leveraging the power of the Falcon platform to eliminate standing privileges and make real-time, risk-aware access decisions. This latest innovation sets a new standard for end-to-end identity security, securing customers against persistent identity-based threats."

CrowdStrike cited statistics showing that 79 percent of attacks intended to gain initial system access are malware-free, with adversaries often exploiting trusted identities to infiltrate organisations without detection and to move laterally to sensitive resources. Examples referenced by CrowdStrike include attack groups such as SCATTERED SPIDER, which use stolen credentials and manipulate IT help desks to gain unauthorised access, and FAMOUS CHOLLIMA, which allegedly uses insiders provided with company-issued devices and registered multi-factor authentication methods to escalate privileges.

The company described Falcon Privileged Access as a solution that employs real-time signals from endpoints and devices, leveraging threat intelligence and AI trained on billions of security events to analyse user behaviour and privilege status. The system can dynamically grant, block, or revoke access as risk conditions change.

In terms of practical features, Falcon Privileged Access offers just-in-time privileged access, which aims to remove standing privileges by providing temporary, dynamic permissions based on real-time, risk-aware evaluations. Access is granted only when needed and may be revoked if the user's or device's risk profile changes. The just-in-time function complements broader Privileged Access Management (PAM) capabilities, such as password vaulting and session recording, with dynamic policy enforcement and visibility.

On the detection side, the updated platform introduces Agentic Detection Triage for identity-based attacks, which utilises Charlotte AI to autonomously triage cross-domain attack detections. According to CrowdStrike, this system prioritises critical threats with over 98 percent accuracy for accelerated incident response.

Further, the integration of Falcon Identity Protection and Falcon Next-Gen SIEM is designed to provide real-time detection and automated response to identity-based threats. The Falcon Fusion SOAR component enables automated actions, such as disabling compromised accounts and enforcing multifactor authentication, to contain incidents at machine speed.

CrowdStrike has also announced Pulse Services, a consulting programme intended to help customers improve their cybersecurity posture. For identity-related use cases, Pulse Services focuses on cloud configuration assessments, identity policy reviews, and enhancements to identity threat protection. These sessions are aimed at helping organisations uncover potential misconfigurations, enforce least privilege practices, and fine-tune defences against credential abuse.