www.crowdstrike.com
2606:4700::6812:9a09  Public Scan

Submitted URL: https://info.crowdstrike.com/MjgxLU9CUS0yNjYAAAGPaa7_dKamKccuFpbRjElSCy6HsiqD7y4r_6sJziuxLH-KORT4B0871ZwAWoNxaKutGnjGpUY=
Effective URL: https://www.crowdstrike.com/resources/reports/threat-hunting-report/?mkt_tok=MjgxLU9CUS0yNjYAAAGPaa7_dAuD1h8GJlcFqnnm3_inZyi...
Submission: On November 20 via api from IN — Scanned from DE

Form analysis 0 forms found in the DOM

Text Content





KNOW THEM. FIND THEM. STOP THEM.



The problem isn’t malware — it’s adversaries. To stop these adversaries,
security teams must understand how they operate. In the 2023 Threat Hunting
Report, CrowdStrike’s Counter Adversary Operations team exposes the latest
adversary tradecraft and provides knowledge and insights to help stop breaches.




 * 583% increase in Kerberoasting, a growing identity-based attack technique
 * 312% increase in abuse of remote monitoring and management (RMM) tools
 * 160% increase in credential theft via cloud instance metadata APIs
 * 79 MINUTES: average eCrime breakout time, a 5-minute drop from 2022
 * 7 MINUTES: fastest eCrime breakout time recorded
 * 62% of interactive intrusions involved compromised identities



READ THE CROWDSTRIKE 2023 THREAT HUNTING REPORT



Expose adversaries and stop them in their tracks.





KEY REPORT INSIGHTS



IDENTITY THREATS HAVE BECOME MAINSTREAM

Overall, 62% of interactive intrusions involve compromised identities. It’s not
surprising that identity-based intrusions are on the rise — stolen credentials
give adversaries immediate access. There’s been a 583% increase in Kerberoasting
and a 147% increase in broker advertisements on the dark web since 2022,
highlighting the growth in the end-to-end criminal ecosystem exploiting
identity-based attacks.



ADVERSARIES ARE GETTING SMARTER IN THE CLOUD

Threat actors are becoming cloud experts, knowing as much as or more about cloud
environments than organizations do. As security teams adopt more cloud-based
technologies, adversaries are becoming more adept at exploiting
misconfigurations and abusing cloud management tools. In fact, adversaries are
exploiting the cloud more than ever. There's been a 95% rise in cloud attacks
and a 160% increase in credential theft via cloud instance metadata APIs.



ECRIME IS SURGING AS ADVERSARIES BECOME FASTER

Adversaries are breaking in and out of environments faster than ever. The
average eCrime breakout time has dropped to 79 minutes. The fastest recorded
time is just 7 minutes. eCrime threat actors are also finding more efficient
ways to break in, among them the misuse of legitimate remote monitoring and
management tools, which has increased 312% since 2022.



CROSS-PLATFORM PROFICIENCY IS GROWING

Many of today’s adversaries confidently target and navigate multiple operating
systems, with growing prowess in Linux and macOS. CrowdStrike® Falcon OverWatch℠
saw a 3X increase in adversaries replacing Pluggable Authentication Modules
(PAM) with malicious modules in Linux — especially in the finance, technology,
and services industries.




DISCOVER THE ADVERSARIES TARGETING YOU



Explore your threat landscape and find out which adversaries are targeting
organizations like yours in the Adversary Universe.

 * Indrik Spider: Shifts from opportunistic eCrime to tailored attacks
 * Vice Spider: Responsible for 27% of all Kerberoasting attacks
 * Cosmic Wolf: Targets victim data stored within cloud environments
 * Labyrinth Chollima: Led the charge in multiple operating system attacks


RELATED RESOURCES

 * CrowdCast
   
   CrowdCast: CrowdStrike 2023 Threat Hunting Report
   
   Register now

 * Blog
   
   CrowdStrike Debuts Counter Adversary Operations Team
   
   Read the blog

 * Infographic
   
   2023 Threat Hunting Report Infographic
   
   Download
