Engineering & Tech

Tech Analysis: Channel File May Contain Null Bytes
EMBERSim: A Large-Scale Databank for Boosting Similarity Search in Malware Analysis
CrowdStrike Falcon Next-Gen SIEM Unveils Advanced Detection of Ransomware Targeting VMware ESXi Environments
CrowdStrike’s Advanced Memory Scanning Stops Threat Actor Using BRc4 at Telecommunications Customer
The Windows Restart Manager: How It Works and How It Can Be Hijacked, Part 2
The Windows Restart Manager: How It Works and How It Can Be Hijacked, Part 1
How CrowdStrike Uses Similarity-Based Mapping to Understand Cybersecurity Data and Prevent Breaches
Cracking the Code of AI Decision Making: Harnessing the Power of SHAP Values
CrowdStrike’s Artificial Intelligence Tooling Uses Similarity Search to Analyze Script-Based Malware Attack Techniques
CrowdStrike’s Free TensorFlow-to-Rust Conversion Tool Enables Data Scientists to Run Machine Learning Models as Pure Safe Code
Spotlight on the Log-Structured Merge (LSM) Tree: One of the Keys Enabling CrowdStrike to Process Trillions of Events per Day
Playing Hide-and-Seek with Ransomware, Part 2
The Anatomy of Wiper Malware, Part 4: Less Common “Helper” Techniques
Playing Hide-and-Seek with Ransomware, Part 1
The Anatomy of Wiper Malware, Part 3: Input/Output Controls
The Anatomy of Wiper Malware, Part 2: Third-Party Drivers
The Anatomy of Wiper Malware, Part 1: Common Techniques
Improving CrowdStrike Falcon® Detection Content with the Gap Analysis Team
A Deep Dive into Custom Spark Transformers for Machine Learning Pipelines
CrowdStrike Falcon® Stops Modern Identity-Based Attacks in Chrome
How CrowdStrike Achieves Lightning-Fast Machine Learning Model Training with TensorFlow and Rust
Mirai Malware Variants for Linux Double Down on Stronger Chips in Q1 2022
macOS Malware Is More Reality Than Myth: Popular Threats and Challenges in Analysis
How Human Intelligence Is Supercharging CrowdStrike's Artificial Intelligence
CrowdStrike Falcon® Enhances Fileless Attack Detection with Intel Accelerated Memory Scanning Feature
A More Modern Approach to Logging in Go
Programs Hacking Programs: How to Extract Memory Information to Spot Linux Malware
How a Generalized Validation Testing Approach Improves Efficiency, Boosts Outcomes and Streamlines Debugging
End-to-end Testing: How a Modular Testing Model Increases Efficiency and Scalability
Managing Dead Letter Messages: Three Best Practices to Effectively Capture, Investigate and Redrive Failed Messages
Unexpected Adventures in JSON Marshaling
A Principled Approach to Monitoring Streaming Data Infrastructure at Scale
WebAssembly Is Abused by eCriminals to Hide Malware
Improving Performance and Reliability of Internal Communication Among Microservices: The Story Behind the Falcon Sandbox Team’s gRPC Journey
Development Cost of Porting TensorFlow Models to Pure Rust
Re-searching Hyperparameters for Training Boosted Tree Models
Addressing Uneven Partition Lag in Kafka
Shlayer Malvertising Campaigns Still Using Flash Update Disguise
Sharding Kafka for Increased Scale and Reliability
Testing Data Flows Using Python and Remote Functions
CrowdStrike Services Releases AutoMacTC 1.2.0
Preventing Exploitation of the ZIP File Format
Grafana Alerting in a Multi-cloud World
Know Your Enemy: Exploiting the Dell BIOS Driver Vulnerability to Defend Against It
CrowdStrike Falcon® Detects Kernel Attacks Exploiting Vulnerable Dell Driver (CVE-2021-21551)
Blocking Fileless Script-based Attacks Using CrowdStrike Falcon®'s Script Control Feature
Building on the Shoulders of Giants: Combining TensorFlow and Rust
Making Threat Graph Extensible: Leveraging the Intermediate Representation to Generate Go Code (Part 2 of 2)
Making Threat Graph Extensible: Leveraging a DSL to Improve Data Ingestion (Part 1 of 2)
The Rise and Fall of WebNavigatorBrowser: Chromium-based Adware Browser
Beefing up the Sandbox (and More): Signature Chaining to Pinpoint More Malware Behaviors
Press #1 to Play: A Look Into eCrime Menu-style Toolkits
Dealing with Out-of-memory Conditions in Rust
Detecting and Preventing Kernel Attacks
Herpaderping: Security Risk or Unintended Behavior?
Stellar Performances: How CrowdStrike Machine Learning Handles the SUNSPOT Malware
Testing the Untestable in Java
Seeing Malware Through the Eyes of a Convolutional Neural Network
Memorizing Behavior: Experiments with Overfit Machine Learning Models
Python 2to3: Tips From the CrowdStrike Data Science Team
GuLoader: Peering Into a Shellcode-based Downloader
Three Best Practices for Building a High-Performance Graph Database
Best Practices: Improving Fault-Tolerance in Apache Kafka Consumer
Oh No! My Data Science Is Getting Rust-y
CharCNNs and PowerShell Scripts: Yet Another Fight Against Malware
Malspam in the Time of COVID-19
Convolutional Neural Networks Are MALE Models for PE Malware
Building a String-Based Machine Learning Model to Detect Malicious Activity
Gimme Shellter
Large-Scale Endpoint Security MOLD Remediation
How We Use Apache Airflow at CrowdStrike, Part 1
Is Measurable Security Possible?
Hardening Neural Networks for Computer Security Against Adversarial Attack
How CrowdStrike Uses SHAP to Enhance Machine Learning Models
Using Docker to Do Machine Learning at Scale
MITRE ATT&CK: Why Detections and Tainted Telemetry are Required for an Effective EDR Solution
Taking Security to the Next Level: CrowdStrike Now Analyzes over 100 Billion Events Per Day
CrowdStrike Machine Learning and VirusTotal