CrowdStrike merges Threat Intelligence, Hunters, and AI for Unprecedented Protection

With the introduction of CrowdStrike Counter Adversary Operations, a market leader in threat intelligence and a pioneer in managed threat hunting, CrowdStrike today announced another cybersecurity first. To identify, disrupt, and stop today’s sophisticated adversaries in their tracks, and ultimately increase their cost of doing business, the new team and offerings combine CrowdStrike Falcon® Intelligence, the CrowdStrike Falcon OverWatch managed threat hunting teams, and trillions of the most recent telemetry events from the AI-powered CrowdStrike Falcon® platform.

The launch of the new Counter Adversary Operations follows CrowdStrike’s designation as a leader in The Forrester Wave: External Threat Intelligence Service Providers, Q3 2023. With the highest score possible across 16 criteria, CrowdStrike received the highest ranking of all vendors considered in the report in the Current Offering category.

“CrowdStrike’s founding principle has always been, ‘You don’t have a malware problem, you have an adversary problem,’ and that couldn’t be more true right now,” according to Adam Meyers, head of Counter Adversary Operations at CrowdStrike. “Today’s threat actors are getting faster and more evasive, their motivations are changing quickly from even a year ago, and the tradecraft we’re seeing in the wild is bypassing legacy and even modern security measures far too frequently.”

Threat intelligence must go beyond comprehending the threat and swiftly dispatch threat hunters to disrupt and stop it if we are to defeat modern adversaries at their own game. The recently established Counter Adversary Operations represents a new model that not only combines the world’s best adversary insight and expertise, gleaned from hands-on keyboard activity, trillions of telemetry events, and deep threat intelligence but also quickly transfers this insight to teams on the front lines to defend against contemporary threats while making life harder on the adversary.

According to the CrowdStrike 2023 Threat Hunting Report, which was just released, there have been significant year-over-year increases in identity-based attacks, interactive intrusions (i.e., hands-on-keyboard activity), and the use of legitimate remote monitoring and management (RMM) tools, all while breakout time has fallen to a record low. The report, the first from the new Counter Adversary Ops team, found that Kerberoasting attacks, which adversaries can use to obtain legitimate credentials for Microsoft Active Directory service accounts, have increased by 583% year over year. The abuse of legitimate accounts was involved in 62% of all interactive intrusions overall, while breakout time—the amount of time it takes an adversary to move laterally from initial compromise—fell to 79 minutes, with the fastest breakout recorded at just 7 minutes.

Identity Threat Hunting is the first newly announced Counter Adversary Operations offering.

Identity Threat Hunting is the first brand-new service that CrowdStrike Counter Adversary Operations has launched in response to the rise in identity-based attacks and the increasingly sophisticated adversary tradecraft that CrowdStrike is observing in the wild. The offering, which is currently included in CrowdStrike Falcon OverWatch Elite, combines the most recent information on the tactics, techniques, and procedures (TTPs) of adversaries with CrowdStrike Falcon Identity Threat Protection and CrowdStrike’s elite Falcon OverWatch threat hunters to thwart the most recent identity-based threats.

The new service enables users to track lateral movement, detect compromised credentials quickly, and outperform adversaries with always-on, round-the-clock coverage. Additionally, this service is cost-free for both new and existing CrowdStrike Falcon OverWatch Elite customers.

One of many accelerated innovations being introduced by Counter Adversary Operations, the new Identity Threat Hunting offering will quickly close the loop between what CrowdStrike researchers discover in the wild and new customer-focused innovations within the Falcon platform.