September 30, 2023

CrowdStrike introduced AI intelligence-powered Indicators of Attack (IoA), an innovation for fileless attack prevention at a large scale that delivers enhanced visibility of stealthy cloud intrusions.


This will be available on the CrowdStrike Falcon platform and powered by its Security Cloud. The new detection and response capabilities are said to stop emerging attack techniques and enable organizations to optimize the threat detection and response lifecycle with speed, scale, and accuracy.

IoAs is in production for a long time and brings a new approach to stopping breaches based on adversary behavior irrespective of the malware or exploit used in an attack. The enhancement of the service with AI now delivers new IoAs at machine speed and scale.

The new capabilities include detecting new classes of attacks faster than ever. By using continuous learning AI models trained on real-world adversary behavior, Falcon can detect and find emerging attack techniques.

Automated prevention with high-fidelity detection shutdowns attacks based on a chain of behaviours, regardless of the specific malware or tools used, with cloud-native AI models constantly delivered to the Falcon agent with newly found IoAs.


Users can activate IoAs at cloud scale, trained on human-led expertise, with insights combined with CrowdStrike’s threat hunting team to minimize false positives, maximize analyst productivity, and deploy threat hunting at scale.

The AI IoAs is generally available for Falcon Prevent and Falcon Insight customers.

Leave a Reply

%d bloggers like this: