Category: Blog – crowdstrike.com

Falcon XDR: Why You Must Start With EDR to Get XDR

This article has been indexed from Blog – crowdstrike.com Since we founded CrowdStrike, one of the things I’m proudest of is our collective ability to work with customers to lead the industry forward. Leadership is more than just being the…

Falcon XDR: Extending Detection and Response – The Right Way

This week we announced the general availability of CrowdStrike’s newest innovation, Falcon XDR, and I couldn’t be more excited. Using our same single, lightweight agent architecture, Falcon XDR enables security teams…

A More Modern Approach to Logging in Go

The Go ecosystem has long relied on the use of third-party libraries for logging. Logrus, one of the first leveled, structured logging libraries, is now maintenance-only and its developers recommend migrating…
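Added example, not code from the CrowdStrike post above: a leveled, structured JSON logger built on Go's standard-library log/slog package (Go 1.21 or later), chosen here as one possible migration target for a Logrus-style setup. The post's own recommendation is cut off above and is not assumed. The security angle is what a defender wants from application logs: stable field names a SIEM can index, a level filter, and a Secret type plus a ReplaceAttr hook so credentials never land in a log line, whether they arrive as a typed value or as a plain string under a known-sensitive key. The names Secret, NewLogger, LogLogin and Capture, the sensitiveKeys list and the sample events are this example's own.

```go
package main

import (
	"bytes"
	"context"
	"encoding/json"
	"fmt"
	"io"
	"log/slog"
	"os"
	"strings"
)

// Secret wraps credential-like values so they cannot reach a log line in
// clear, whichever way they are passed: slog resolves LogValue on every
// attribute, and String covers the fmt %v / %s paths.
type Secret string

func (Secret) LogValue() slog.Value { return slog.StringValue("[REDACTED]") }
func (Secret) String() string       { return "[REDACTED]" }

// sensitiveKeys are masked even when someone logs them as a plain string.
var sensitiveKeys = map[string]bool{"password": true, "token": true, "authorization": true}

// NewLogger returns a leveled JSON logger. ReplaceAttr drops the time key
// (so output is deterministic in this example) and masks sensitive keys.
func NewLogger(w io.Writer, minLevel slog.Level) *slog.Logger {
	return slog.New(slog.NewJSONHandler(w, &slog.HandlerOptions{
		Level: minLevel,
		ReplaceAttr: func(_ []string, a slog.Attr) slog.Attr {
			if a.Key == slog.TimeKey {
				return slog.Attr{} // an empty Attr is discarded by the handler
			}
			if sensitiveKeys[a.Key] {
				return slog.String(a.Key, "[REDACTED]")
			}
			return a
		},
	}))
}

// LogLogin records an authentication attempt with stable keys a SIEM can
// index on, the outcome as a field, and the credential redacted.
func LogLogin(log *slog.Logger, user, ip string, pw Secret, ok bool) {
	log.LogAttrs(context.Background(), slog.LevelInfo, "login attempt",
		slog.String("user", user),
		slog.String("src_ip", ip),
		slog.Any("password", pw),
		slog.Bool("success", ok),
	)
}

// Capture runs fn against a logger at the given level and returns the
// decoded JSON records, so the shape of each line can be checked in code.
func Capture(minLevel slog.Level, fn func(*slog.Logger)) ([]map[string]any, error) {
	var buf bytes.Buffer
	fn(NewLogger(&buf, minLevel))
	var recs []map[string]any
	for _, line := range strings.Split(strings.TrimSpace(buf.String()), "\n") {
		if line == "" {
			continue
		}
		var rec map[string]any
		if err := json.Unmarshal([]byte(line), &rec); err != nil {
			return nil, err
		}
		recs = append(recs, rec)
	}
	return recs, nil
}

func main() {
	log := NewLogger(os.Stdout, slog.LevelInfo)
	// Constructed sample events: the Debug line is filtered by level and the
	// password never appears, neither in the JSON line nor via fmt.
	log.Debug("handler entered", "route", "/login")
	LogLogin(log, "alice", "203.0.113.7", Secret("hunter2"), false)
	fmt.Printf("formatted with %%v: %v\n", Secret("hunter2"))
}
```

The JSON handler writes one record per line, which is what log shippers expect; keep the key set fixed across call sites so detections written against one service's logs carry over to the next.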

How to Protect Cloud Workloads from Zero-day Vulnerabilities

Protecting cloud workloads from zero-day vulnerabilities like Log4Shell is a challenge that every organization faces. When a vulnerability is published, organizations can try to identify impacted artifacts through software composition analysis,…

A More Modern Approach to Logging in Golang

The Golang ecosystem has long relied on the use of third-party libraries for logging. Logrus, one of the first leveled, structured logging libraries, is now maintenance-only and its developers recommend migrating…

TellYouThePass Ransomware Analysis Reveals a Modern Reinterpretation Using Golang

TellYouThePass ransomware, discovered in 2019, recently re-emerged compiled using Golang. Golang’s popularity among malware developers makes cross-platform development more accessible. TellYouThePass ransomware was recently associated with Log4Shell post-exploitation, targeting Windows and…

CrowdStrike Launches Free Targeted Log4j Search Tool

The recently discovered Log4j vulnerability has serious potential to expose organizations across the globe to a new wave of cybersecurity risks as threat actors look to exploit this latest vulnerability to…

Monitoring File Changes with Falcon FileVantage

Introduction Due to compliance regulations, many organizations have a need to monitor key assets for changes made to certain files, folders or registry settings. File Integrity Monitoring (FIM) can be a…

What Is Data Logging?

This blog was originally published on humio.com. Humio is a CrowdStrike Company. Data logging is the process of capturing, storing and displaying one or more datasets to analyze activity, identify trends and…

Automate Your Cloud Operations With Humio and Fylamynt

This blog was originally published Dec. 2, 2021 on humio.com. Humio is a CrowdStrike Company. A new API integration for Humio and Fylamynt helps joint customers improve the efficiency of their…

How to Set Yourself Up for Real XDR Success

Extended detection and response (XDR) is all the rage these days. It seems like almost every security vendor now claims to offer XDR functionality. But are those claims based in reality? …

Log4j2 Vulnerability “Log4Shell” (CVE-2021-44228)

Log4j2 is an open-source, Java-based logging framework maintained by the Apache Software Foundation and embedded in a great many Java applications and services. Between late November and early December 2021, a critical vulnerability (CVE-2021-44228) impacting the Log4j2 utility was reported, resulting…
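An added example, serving both the Log4j search tool teaser above and this CVE-2021-44228 summary; it is neither CrowdStrike's tool nor code from either post. It is a small Go scanner of the kind such a tool needs: given an archive, it opens it as a zip, recurses into any .jar/.war/.ear/.zip nested inside (shaded and Spring Boot fat jars are where log4j-core usually hides) and reports every archive that still contains org/apache/logging/log4j/core/lookup/JndiLookup.class, together with the log4j-core version read from the jar's Maven pom.properties. The class name and property path are Log4j's real ones; the function names and the constructed sample jar are this example's own. A hit is a lead, not a verdict: the fixed 2.x releases still ship the class with the JNDI lookup disabled by default, so the reported version decides exposure.

```go
package main

import (
	"archive/zip"
	"bytes"
	"fmt"
	"io"
	"path"
	"strings"
)

// JndiLookupClass implements the JNDI lookup abused by CVE-2021-44228; deleting
// it from log4j-core was the documented stopgap for 2.x deployments that could
// not be upgraded, so its presence is the signal. PomProps carries the version.
const (
	JndiLookupClass = "org/apache/logging/log4j/core/lookup/JndiLookup.class"
	PomProps        = "META-INF/maven/org.apache.logging.log4j/log4j-core/pom.properties"
)

// Finding is one archive that still ships JndiLookup.class.
type Finding struct {
	Path    string   // archive on disk, or the label given to ScanBytes
	Nested  []string // inner jar entries when log4j-core is shaded into a fat jar
	Version string   // log4j-core version from pom.properties, "" if absent
}

func isArchiveName(name string) bool {
	ext := strings.ToLower(path.Ext(name))
	return ext == ".jar" || ext == ".war" || ext == ".ear" || ext == ".zip"
}

func entryBytes(f *zip.File) ([]byte, error) {
	rc, err := f.Open()
	if err != nil {
		return nil, err
	}
	defer rc.Close()
	return io.ReadAll(rc)
}

// scanArchive inspects one zip held in memory and recurses into nested archives;
// a corrupt inner entry is skipped rather than aborting the whole scan.
func scanArchive(data []byte, label string, nested []string, out *[]Finding) error {
	zr, err := zip.NewReader(bytes.NewReader(data), int64(len(data)))
	if err != nil {
		return err
	}
	hit, version := false, ""
	for _, f := range zr.File {
		switch {
		case f.Name == JndiLookupClass:
			hit = true
		case strings.HasSuffix(f.Name, PomProps):
			if b, err := entryBytes(f); err == nil {
				for _, line := range strings.Split(string(b), "\n") {
					if v, ok := strings.CutPrefix(strings.TrimSpace(line), "version="); ok {
						version = v
					}
				}
			}
		case isArchiveName(f.Name):
			if b, err := entryBytes(f); err == nil {
				_ = scanArchive(b, label, append(append([]string(nil), nested...), f.Name), out)
			}
		}
	}
	if hit {
		*out = append(*out, Finding{Path: label, Nested: nested, Version: version})
	}
	return nil
}

// ScanBytes scans an archive already in memory (os.ReadFile output, say);
// label names it in the findings. Non-zip input yields an error.
func ScanBytes(data []byte, label string) ([]Finding, error) {
	var out []Finding
	err := scanArchive(data, label, nil, &out)
	return out, err
}

// BuildJar creates a zip in memory from name -> content; it exists only to
// construct sample input without touching disk.
func BuildJar(entries map[string][]byte) []byte {
	var buf bytes.Buffer
	zw := zip.NewWriter(&buf)
	for name, body := range entries {
		w, err := zw.Create(name)
		if err != nil {
			panic(err)
		}
		w.Write(body)
	}
	zw.Close()
	return buf.Bytes()
}

func main() {
	// Constructed sample: log4j-core 2.14.1 shaded into a Spring Boot style fat
	// jar. Class bodies are placeholders; only the entry names matter to the scan.
	inner := BuildJar(map[string][]byte{JndiLookupClass: {0xca, 0xfe}, PomProps: []byte("version=2.14.1\n")})
	fat := BuildJar(map[string][]byte{"BOOT-INF/lib/log4j-core-2.14.1.jar": inner, "app/Main.class": {0xca, 0xfe}})
	findings, _ := ScanBytes(fat, "app.jar")
	for _, f := range findings {
		fmt.Printf("%s %v log4j-core=%q\n", f.Path, f.Nested, f.Version)
	}
}
```

To sweep a host, walk the filesystem (filepath.WalkDir), feed each file whose name isArchiveName accepts into ScanBytes via os.ReadFile, and skip rather than abort on unreadable or non-zip files so one bad path cannot stop the sweep. Archives are read fully into memory here, which is fine for application jars but worth bounding on hosts with multi-gigabyte zips.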

Why Actionable Logs Require Sufficient History

This blog was originally published Oct. 26, 2021 on humio.com. Humio is a CrowdStrike Company. Improve visibility and increase insights by logging everything. ITOps, DevOps and SecOps teams need historical log…

What Is a Hypervisor (VMM)?

This blog was originally published on humio.com. Humio is a CrowdStrike Company. What is a hypervisor? A hypervisor, or virtual machine monitor (VMM), is virtualization software that creates and manages multiple virtual machines…

Nowhere to Hide: Detecting SILENT CHOLLIMA’s Custom Tooling

CrowdStrike Falcon OverWatch™ recently released its annual threat hunting report, detailing the interactive intrusion activity observed by hunters over the course of the past year. The tactics, techniques and procedures (TTPs)…

Mean Time to Repair (MTTR) Explained

This blog was originally published Oct. 28, 2021 on humio.com. Humio is a CrowdStrike Company. Definition of MTTR: Mean time to repair (MTTR) is a key performance indicator (KPI) that represents the…

Unexpected Adventures in JSON Marshaling

Recently, one of our engineering teams encountered what seemed like a fairly straightforward issue: When they attempted to store UUID values to a database, it produced an error claiming that the…

Introduction to the Humio Marketplace

This blog was originally published Oct. 11, 2021 on humio.com. Humio is a CrowdStrike Company. Humio is a powerful and super flexible platform that allows customers to log everything and answer…

A Foray into Fuzzing

One useful method in a security researcher’s toolbox for discovering new bugs in software is called “fuzz testing,” or just “fuzzing.” Fuzzing is an automatic software testing approach where the software…
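Added example, not from the CrowdStrike post: a minimal mutation-based fuzzer in Go that shows the mechanics the paragraph names. ParseTLVUnchecked is a constructed type-length-value parser with a deliberate unchecked-length bug, written for this demonstration and not taken from any real product; ParseTLV is its hardened form. Fuzz mutates seed inputs (bit flips, byte overwrites, inserts, deletes, truncation), runs the target under recover, and returns the distinct inputs that made it panic. A few thousand iterations find the bug in the unchecked parser and none in the hardened one. Real fuzzers (go test -fuzz, libFuzzer, AFL) add coverage feedback to steer mutations; this loop keeps a random sample of surviving inputs instead. All function names and seeds are this example's own.

```go
package main

import (
	"fmt"
	"math/rand"
)

// Record is one type-length-value element: 1 byte type, 1 byte length, payload.
type Record struct {
	Type  byte
	Value []byte
}

// ParseTLVUnchecked trusts the length byte. Constructed bug for the demo: a
// length past the end of the buffer, or a lone trailing byte, panics.
func ParseTLVUnchecked(b []byte) []Record {
	var out []Record
	for i := 0; i < len(b); {
		t, n := b[i], int(b[i+1])
		out = append(out, Record{Type: t, Value: b[i+2 : i+2+n]})
		i += 2 + n
	}
	return out
}

// ParseTLV is the hardened form: every header and length is checked against
// what remains, and payloads are copied out of the caller's buffer.
func ParseTLV(b []byte) ([]Record, error) {
	var out []Record
	for i := 0; i < len(b); {
		if len(b)-i < 2 {
			return nil, fmt.Errorf("truncated header at offset %d", i)
		}
		t, n := b[i], int(b[i+1])
		if n > len(b)-i-2 {
			return nil, fmt.Errorf("length %d exceeds remaining %d at offset %d", n, len(b)-i-2, i)
		}
		out = append(out, Record{Type: t, Value: append([]byte(nil), b[i+2:i+2+n]...)})
		i += 2 + n
	}
	return out, nil
}

// mutate applies one random edit to a copy of in.
func mutate(r *rand.Rand, in []byte) []byte {
	out := append([]byte(nil), in...)
	n := len(out)
	switch op := r.Intn(5); {
	case op == 2: // insert a byte; the only edit that applies to empty input
		i := r.Intn(n + 1)
		out = append(out[:i], append([]byte{byte(r.Intn(256))}, out[i:]...)...)
	case n == 0:
	case op == 0: // flip one bit
		out[r.Intn(n)] ^= 1 << uint(r.Intn(8))
	case op == 1: // overwrite one byte
		out[r.Intn(n)] = byte(r.Intn(256))
	case op == 3: // delete one byte
		i := r.Intn(n)
		out = append(out[:i], out[i+1:]...)
	default: // truncate
		out = out[:r.Intn(n)]
	}
	return out
}

// panics reports whether target crashes on in, turning the panic into data.
func panics(target func([]byte), in []byte) (crashed bool) {
	defer func() {
		if recover() != nil {
			crashed = true
		}
	}()
	target(in)
	return false
}

// Fuzz mutates seeds for iters rounds, keeps a random sample of survivors as
// new seeds, and returns the distinct inputs that made target panic.
func Fuzz(target func([]byte), seeds [][]byte, iters int, rngSeed int64) [][]byte {
	r := rand.New(rand.NewSource(rngSeed))
	corpus := append([][]byte(nil), seeds...)
	seen := map[string]bool{}
	var crashes [][]byte
	for i := 0; i < iters; i++ {
		in := mutate(r, corpus[r.Intn(len(corpus))])
		if panics(target, in) {
			if !seen[string(in)] {
				seen[string(in)] = true
				crashes = append(crashes, in)
			}
		} else if len(corpus) < 256 && r.Intn(8) == 0 {
			corpus = append(corpus, in)
		}
	}
	return crashes
}

func main() {
	// Constructed seeds: one record with a 3-byte payload and one empty record.
	seeds := [][]byte{{1, 3, 'a', 'b', 'c'}, {2, 0}}
	unchecked := Fuzz(func(b []byte) { ParseTLVUnchecked(b) }, seeds, 5000, 1)
	hardened := Fuzz(func(b []byte) { ParseTLV(b) }, seeds, 5000, 1)
	fmt.Printf("unchecked parser: %d crashing inputs\n", len(unchecked))
	if len(unchecked) > 0 {
		fmt.Printf("first crash: %v\n", unchecked[0])
	}
	fmt.Printf("hardened parser: %d crashing inputs\n", len(hardened))
}
```

Each crashing input is a reproducer; minimising it (drop bytes while the crash persists) is the usual next step before filing the bug. The harness only catches panics, which is what Go exposes; for C targets the equivalent signal is a sanitizer report or a SIGSEGV.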

Everything You Need To Know About Log Analysis

This blog was originally published Sept. 30, 2021 on humio.com. Humio is a CrowdStrike Company. What Is Log Analysis? Log analysis is the process of reviewing computer-generated event logs to proactively identify…

How to Use Falcon Spotlight’s ExPRT.AI

Introduction Organizations have historically been reliant on CVSS severity scoring to help prioritize vulnerability remediations. Unfortunately, that single data point is often not enough to drive an effective patching strategy. With…

How to Leverage Scheduled Searches

Introduction Falcon Insight provides customers with extensive visibility into the events taking place on endpoints and workloads. While triggered detections are an important part of endpoint security, CrowdStrike also provides the…

Humio Recognized as Top 3 Observability Award Winner by EMA

Humio delivers modern log management with streaming observability to enable customers to log everything and answer anything in real time. Today, Humio is proud to be recognized by Enterprise Management Associates…

Shining a Light on DarkOxide

Since September 2019, Falcon OverWatch™ has been tracking an as-yet-unattributed actor conducting targeted operations against organizations within the Asia Pacific (APAC) semiconductor industry. CrowdStrike Intelligence tracks this activity cluster…