
CrowdStrike unveils AI-driven updates to Falcon threat intelligence
CrowdStrike has announced the latest release of Falcon Adversary Intelligence, providing real-time, personalised threat intelligence embedded into security operations centre workflows.
The new version of Falcon Adversary Intelligence aims to align threat intelligence with each customer's environment, exposures, and detections, operationalising intelligence at scale for improved detection, hunting and response.
CrowdStrike has a history of tracking over 265 nation-state, eCrime and hacktivist groups globally. Its current offering seeks to address the challenge security teams face with fragmented intelligence across disconnected tools and the lack of context needed to understand how adversary threats apply to an organisation's specific risk profile and technology stack. The company stated that adversaries are growing in sophistication, leveraging artificial intelligence to accelerate attacks while also targeting AI-supported business operations.
The latest update of Falcon Adversary Intelligence is designed to address these developments by replacing fragmented intelligence tools and static feeds with a personalised approach that uses the Falcon platform's first-party telemetry. This system prioritises and personalises intelligence according to each organisation's unique environment and risk factors.
Key features
Among the main features introduced is automated onboarding and intelligent rule creation. The system integrates infrastructure mapping and utilises knowledge from across the Falcon platform to deliver customer-specific intelligence. This includes reporting on relevant threats and trends, monitoring dark web activities, and highlighting information according to industry, technology stack, and detection data.
Platform-driven prioritisation is another component, generating contextual threat profiles that reflect real-time detections, known exposures, and company profiles. For example, if a new threat targets a specific industry, the system automatically elevates its priority and provides in-depth threat profiles, tactics, techniques and procedures (TTPs), targeting patterns, and related intrusion information to support rapid decision-making by analysts.
The release also introduces Threat Hunting Guides within Falcon Adversary Intelligence Premium. These guides allow analysts to shift directly from threat insights to targeted investigations across their environments. With prebuilt queries and guided workflows, analysts can avoid time-consuming manual research, reducing investigations from as many as 15 steps to just a few clicks. When used with Falcon Next-Gen SIEM, the platform's click-to-hunt capabilities are intended to further reduce manual effort and enable faster response to emerging threats.
Additionally, Intelligence Explorer provides analysts with a consolidated workspace to investigate threats, cross-reference adversary context, and correlate detection results within a single view for streamlined operations.
"Today's adversaries are treating speed and stealth like weapons, using GenAI, cross-domain attacks, and targeted social engineering to move faster than ever while staying undetected," said Adam Meyers, Head of Counter Adversary Operations at CrowdStrike. "Threat intelligence can't just inform – it has to drive action. This is a smarter, more dynamic way to deliver intel aligned to each customer's environment. By boosting relevance, accelerating response, and delivering real operational ROI, analysts can act faster, hunt smarter, and stay ahead of today's most sophisticated threats."
The approach taken by Falcon Adversary Intelligence is intended to increase the relevance and timeliness of data available to security analysts, replacing manual workflows with automation where possible and reducing investigation time. The system continually adapts based on live data from the client's environment, supporting prioritisation of threats that are most pertinent to each organisation's exposures and operations.
CrowdStrike highlighted its intention for the Falcon platform to contribute to more effective and context-driven threat defence as adversaries escalate the use of automation and AI in their attacks against enterprise environments.
The company reports that these updates are now available to customers, enabling security teams to access real-time intelligence and workflow support within the Falcon ecosystem.