2023 CrowdStrike Threat Hunting Report CrowdCast


Know them. Find them. Stop them.

Join us for an exclusive webinar as we unlock the novel and prominent adversary tradecraft, exposed by Falcon® OverWatch. CrowdStrike’s proactive 24/7 threat hunting team.

Discover the dynamic evolution of adversary tradecraft and tooling over the past year, and gain unparalleled insights from our expert threat hunters as they discuss standout intrusions and techniques. Equip yourself with real-world experiences to fortify your security strategy and outmaneuver fast-moving threats. Stay ahead of adversaries by understanding both global and regional trends.

What to expect

In this webcast you will:

  • Unveil the startling 583% surge in identity-based Kerberoasting attacks and learn how specialized identity threat hunting can halt them in their tracks.
  • Defend against rising cloud-based intrusions with effective countermeasures.
  • Discover the hardest-hit industry sectors targeted by eCrime and targeted intrusions.
  • Witness the evolution of adversary tradecraft, from development to deployment, and the steps taken by Falcon OverWatch threat hunters to unearth these stealthy, sophisticated attacks.
  • Explore predictions of attack trends and tradecraft in the next 12 months. Arm yourself with immediate key countermeasures to become a formidable defender.

Featured Speakers

Adam Meyers

Senior Vice President, Counter Adversary Operations

AMS and APAC Sessions

As Senior Vice President of Intelligence for CrowdStrike, Adam Meyers oversees all of CrowdStrike’s intelligence gathering and cyber-adversarial monitoring activities. Meyers has authored numerous papers for peer-reviewed industry venues and has received awards for his dedication to the information security industry. Previously, Meyers was the director of cybersecurity intelligence with the National Products and Offerings Division of SRA International, where he provided technical expertise at the tactical level and strategic guidance on overall security program objectives.

Greg Foss

Manager, CrowdStrike® Falcon OverWatch™

EMEA Session

Greg Foss leads an elite team of threat hunters and intrusion researchers as part of CrowdStrike Falcon OverWatch's 24/7 Managed Threat Hunting service. The TRACE team is the OverWatch division responsible for developing, curating, and disseminating tactical intelligence and thought leadership derived from the ongoing research, enrichment, analysis, and tracking of sophisticated intrusions by nation-state and criminally motivated adversaries. Foss has worked in varying roles across threat research and security operations throughout his career as both a practitioner and leader. Having built a security operations program from the ground up, consulted in offensive security, and monitored networks as an analyst in prior roles.

Bill Batchelor

Senior Intrusion Researcher, CrowdStrike® Falcon OverWatch™

AMS Session

Currently a Sr. Intrusion Researcher within OverWatch, Bill is a tested and proven cyber security professional with over ten years deep financial sector experience, having previously served as an Incident Responder and Manager at a Global Money Center Bank’s cybersecurity fusion center, as Security Operations Manager at a US regional bank, and as Technical Intelligence Leader at a large financial services company. He has extensive knowledge of cyber threat intelligence, tactical threat detection, SIEM dashboarding, threat hunting and incident response. He holds an MBA in Information Technology from New York University and SANS certifications focused on threat hunting, detection and incident response including GCIH, GCFA and GCDA, and is an active member of the GIAC Advisory Board.

Michael Collins

Senior Intrusion Researcher, CrowdStrike® Falcon OverWatch™

AMS Session

Mike is currently a Sr. Intrusion Researcher within OverWatch. Prior to his current role, he was a Threat Hunter on the Advanced Threat Analysis team on OverWatch. Before coming to CrowdStrike, he also threat hunted for a large MSSP as well as the United States Air Force. He still currently serves in the Air Force Reserves as a Cyber Warfare Officer. He holds a MS degree in Information Security and has obtained several certifications including GCPN, GCFA, CASP, Sec+, CCFH and CISSP.

Ryan Hunt

Senior Intrusion Researcher, CrowdStrike® Falcon OverWatch™

EMEA Session

Ryan has been engaged with the cyber security community for the past ten years, working alongside various commercial and government clients. His background involves incident response, digital forensics, intrusion research, and threat hunting. He holds a BSc degree in Information Security and has gained several industry certifications including GCIA, GMON, GREM, and GCFA. Based out of London, Ryan is currently a senior intrusion researcher for CrowdStrike where he has spent the past three years contributing towards OverWatch publications, analysing intrusion tradecraft, and communicating the value of threat hunting and how it can be leveraged to uncover malicious interactive tradecraft.

Jamie McGrory

Intrusion Researcher, CrowdStrike® Falcon OverWatch™

EMEA Session

Jamie McGrory is an Intrusion Researcher tracking adversary tradecraft and trends as part of CrowdStrike’s Falcon OverWatch™ managed threat hunting team, and has been with the team for over 6 months. Jamie has 8 years experience in the private sector, previously providing cybersecurity expertise to a Global Pharmaceutical company with his background including cybersecurity operations, incident response, threat hunting, and threat intelligence. He holds a BSc in Cybersecurity and is based out of Scotland.

Jai Minton

Sr. Intrusion Researcher, CrowdStrike® Falcon OverWatch™

APAC Session

Jai is currently a Sr. Intrusion Researcher within CrowdStrike’s Falcon OverWatch Team. Previously Jai spent 3 years leading a team of MDR analysts in investigating, and responding to both eCrime and Targeted intrusions as a Senior, and then Principal, Analyst within CrowdStrike’s Falcon Complete Team. Before joining CrowdStrike Jai worked in roles throughout both the public and private sector that involved penetration testing, incident response, security operations, malware analysis, and information security management. Jai has had his research findings included in various certifications, currently holds; a Bachelor of Information Technology, Diploma of Government, is an Offensive Security Certified Professional (OSCP), GIAC iOS and MacOS Examiner (GIME), and was an Academic Advisor for Security Blue Team’s ‘Blue Team Level 2’ (BTL2) certification.

Tom Simpson

Intrusion Researcher, CrowdStrike® Falcon OverWatch™

APAC Session

Tom is an Intrusion Researcher within Falcon OverWatch. Prior to his current role, Tom worked as a Senior Analyst within the Falcon Complete Managed Detection and Response team for APJ. Before coming to CrowdStrike, Tom spent close to 10 years working for multiple Australian Defence Force support organizations, working on administration and engineering of secure systems. Tom is also SANS certified, currently holding the GSEC, GCIH and GREM, as well as offering his time volunteering as a SANS teaching assistant. Tom enjoys researching the latest trends in Adversary tactics, techniques and procedures and sharing his findings through blog posts and conference talks.


  • OS icon
  • deployment icon
  • installation icon

For technical information on installation, policy configuration and more, please visit the CrowdStrike Tech Center.

Visit the Tech Center