CrowdStrike has introduced Falcon Adversary OverWatch Next-Gen SIEM, which the company describes as the first and only solution to bring managed threat hunting to third-party data. The offering extends the visibility of CrowdStrike's threat hunters into unmanaged attack surfaces that adversaries have long exploited. By working from third-party data ingested by Falcon Next-Gen SIEM, CrowdStrike delivers 24/7 expert detection beyond endpoint, identity and cloud environments, with the aim of stopping breaches across every attack surface.
Adversaries strike from all angles and, once inside, move laterally with alarming speed. Groups like FAMOUS CHOLLIMA embed malicious insiders to operate from within. Others, like OPERATOR PANDA, exploit unmanaged infrastructure, edge devices and siloed systems such as firewalls, virtual private networks (VPNs) and email gateways, where traditional endpoint-centric tools lack visibility. By extending managed threat hunting to third-party data, CrowdStrike aims to deliver faster detection and broader coverage, and so to stop breaches sooner.
CrowdStrike’s latest innovations set a new standard for modern security operations. Powered by the AI-native CrowdStrike Falcon cybersecurity platform, Falcon Adversary OverWatch uses deep adversary expertise and industry-leading threat intelligence to rapidly uncover evasive threats. Falcon Next-Gen SIEM unifies native and third-party data, real-time intelligence and AI-driven automation to deliver comprehensive visibility, high-fidelity alerts and machine speed response.
New innovations include:
- Expert-led threat hunting across all attack surfaces: Integrates real-time, 24/7 threat hunting from Falcon Adversary OverWatch with first-party endpoint, identity and cloud data and with third-party data from Falcon Next-Gen SIEM, exposing threats hidden in the unmanaged infrastructure that adversaries often exploit.
- UEBA and case management for Falcon Next-Gen SIEM: Analyses user behaviour with machine learning to uncover insider threats and stealthy adversaries once they are on the network. With AI-driven risk scoring, entity resolution and automated workflows, security teams can reduce false positives, connect related activity across data sources and investigate in a centralised platform to respond faster.
- Unified identity security and next-gen SIEM: The combination of Falcon Identity Protection and Falcon Next-Gen SIEM enables security teams to detect and prioritise identity-based threats in real time, while Falcon Fusion SOAR automates Active Directory response actions, such as disabling compromised accounts and enforcing MFA, at machine speed.
- CrowdStrike Pulse Services: To help customers drive SOC transformation, CrowdStrike Pulse Services reduces active risk with targeted offerings such as ransomware readiness planning, high-value asset protection strategies and cyber resiliency uplift. Delivered through modular, expert-led engagements, Pulse helps teams improve response times and build more resilient operations.
Commenting on the announcement, Adam Meyers, head of counter adversary operations at CrowdStrike, said, "Today's adversaries move incredibly fast and thrive on the complexity of modern environments. They exploit the sprawl of IT and security tools to give them an edge, while defenders are left to stitch together disjointed data to try and find signals in the noise. With OverWatch now hunting across third-party data, we are eliminating the blind spots that adversaries rely on, delivering unified visibility, expert-led detection and the early insight needed to stop breaches."