The need for speed and agility in today’s digital business requires changes to IT infrastructure, most notably the shift to cloud-native architectures and the adoption of DevOps best practices to improve the speed and efficiency with which enterprise applications are brought to market. This shift has led many businesses to move to containers, microservices and Kubernetes (K8s) … [Read more...] about Falcon CWP Complete Closing Cloud Security Skills Gap
Falcon
Protecting Users from Malicious Sites with Falcon for Mobile
Introduction Today, mobile devices are ubiquitous within enterprise environments. But with their proliferation, it provides adversaries with yet another attack surface with which they can target users and cause a breach. From phishing attacks to malicious apps, mobile users tend to let their guard down and potentially click on obfuscated links to malicious sites. Falcon for … [Read more...] about Protecting Users from Malicious Sites with Falcon for Mobile
How to Setup the CrowdStrike Falcon SIEM Connector
Introduction The Falcon SIEM Connector provides users a turnkey, SIEM-consumable data stream. The Falcon SIEM Connector: Transforms Crowdstrike API data into a format that a SIEM can consume Maintains the connection to the CrowdStrike Event Streaming API and your SIEM Manages the data-stream pointer to prevent data loss Prerequisites Before using the Falcon SIEM Connector, … [Read more...] about How to Setup the CrowdStrike Falcon SIEM Connector
How to Import IOCs Into the CrowdStrike Falcon Platform
Introduction As part of the CrowdStrike API, the “Custom IOC APIs” allows you to retrieve, upload, update, search, and delete custom Indicators of Compromise (IOCs) that you want CrowdStrike to identify. With the ability to upload IOCs to the endpoints can automatically detect and prevent attacks identified by the indicators provided from a threat feed. Prerequisites To get … [Read more...] about How to Import IOCs Into the CrowdStrike Falcon Platform
Go Beyond Today’s Cybersecurity at Fal.Con 2020
Fal.Con 2020 is less than four weeks away, and we have lots of news to share about our 4th annual CrowdStrike® Cybersecurity Conference on October 15! Fal.Con 2020 has been completely reimagined to provide a first-of-its kind virtual experience, including a fast-paced general session featuring many of the top minds in cybersecurity and digital transformation, 50+ learning … [Read more...] about Go Beyond Today’s Cybersecurity at Fal.Con 2020
Falcon Complete Uncovers Global Attack Campaign [Case Study]
In this blog, we describe a recent incident that highlights the CrowdStrike® Falcon Complete™ team’s ability to act as an extension of our customer’s security team to quickly detect, triage and contain an active attacker before they were able to complete their goal. In this example, we outline an active web exploitation campaign that was impacting multiple customers at the same … [Read more...] about Falcon Complete Uncovers Global Attack Campaign [Case Study]
How the Falcon Complete Team Stopped an RDP Attack [Part 1]
Welcome to the CrowdStrike® Falcon CompleteTM team’s first “Tales from the Trenches” blog, where we describe a recent intrusion that shows how the Falcon Complete managed detection and response (MDR) service operates as an extension of the customer’s security team to quickly detect, investigate and contain an active attacker before they’re able to complete their goal. Once this … [Read more...] about How the Falcon Complete Team Stopped an RDP Attack [Part 1]
How the Falcon Complete Team Stopped an RDP Attack [Part 2]
In Part 1 of this two-part “Tales from the Trenches” blog, we examined a stealthy Remote Desktop Protocol (RDP) intrusion uncovered by CrowdStrike® Falcon CompleteTM experts. In this installment, we’ll walk you through remediation efforts, highlighting Falcon Complete’s ability to directly eject a threat actor and bring the customer’s environment back to a clean, operational … [Read more...] about How the Falcon Complete Team Stopped an RDP Attack [Part 2]
PowerShell Hunting with CrowdStrike Falcon
Introduction Threat hunting is the active search for new and novel attack behaviors that aren’t detected by current automated methods of prevention and detection. Threat hunting starts with human analysts, who approach their challenge with the assumption that active intrusions are underway but hidden from the view of their layers of detection technology such as NGAV, network … [Read more...] about PowerShell Hunting with CrowdStrike Falcon
How to Use Custom Filters in Falcon Spotlight
Introduction This article and video will provide an overview of the power of custom filters in Falcon Spotlight. Spotlight provides customers with realtime data about the vulnerabilities in the environment. With custom filters, organizations can quickly sort that data to focus on critical assets, vulnerabilities and remediations. Those filters can then be saved for repeat use … [Read more...] about How to Use Custom Filters in Falcon Spotlight