Tag

Endpoint-Security

4 briefs RSS

Potential Evasion via Windows Filtering Platform Blocking Security Software

Adversaries may add malicious Windows Filtering Platform (WFP) rules to prevent endpoint security solutions from sending telemetry data, impairing defenses, which this rule detects by identifying multiple WFP block events where the process name is associated with endpoint security software.

Windows Filtering Platform +2 defense-evasion windows-filtering-platform endpoint-security

2r 2t 8h ago

medium advisory

CrowdStrike Innovations Secure AI Agents and Govern Shadow AI

2 rules 2 TTPs

CrowdStrike is introducing innovations to secure AI agents and govern shadow AI across endpoints, SaaS, and cloud environments by extending AI detection and response (AIDR) capabilities to cover desktop AI applications and provide visibility into AI-related components, helping to prevent prompt attacks, data leaks, and policy violations.

AI AI-Security Shadow-AI Endpoint-Security SaaS Cloud

2r 2t Mar 28, 2026

high advisory

CrowdStrike Falcon Enhancements Secure AI Agents and Govern Shadow AI

2 rules 3 TTPs

CrowdStrike is enhancing its Falcon platform with AI Detection and Response (AIDR) to secure AI agents and govern shadow AI across endpoints, SaaS, and cloud, addressing threats like prompt injection attacks, data leaks, and policy violations.

ai shadow-ai prompt-injection data-leak endpoint-security

2r 3t Mar 28, 2026

medium advisory

CrowdStrike Falcon Enhancements for Securing AI Agents and Governing Shadow AI

2 rules

CrowdStrike is enhancing its Falcon platform with new AI detection and response capabilities to secure AI agents and govern shadow AI across endpoints, SaaS, and cloud environments, addressing threats like prompt injection and data leaks.

AI-Security Shadow-AI Endpoint-Security

2r Mar 28, 2026