惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

T
Threatpost
aimingoo的专栏
aimingoo的专栏
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
T
Tailwind CSS Blog
J
Java Code Geeks
博客园_首页
Google Online Security Blog
Google Online Security Blog
Hugging Face - Blog
Hugging Face - Blog
C
CXSECURITY Database RSS Feed - CXSecurity.com
I
Intezer
P
Palo Alto Networks Blog
V
Vulnerabilities – Threatpost
雷峰网
雷峰网
O
OpenAI News
SecWiki News
SecWiki News
小众软件
小众软件
酷 壳 – CoolShell
酷 壳 – CoolShell
美团技术团队
N
News | PayPal Newsroom
Project Zero
Project Zero
Forbes - Security
Forbes - Security
IT之家
IT之家
A
Arctic Wolf
WordPress大学
WordPress大学
Jina AI
Jina AI
T
Tor Project blog
博客园 - 三生石上(FineUI控件)
S
Secure Thoughts
Google DeepMind News
Google DeepMind News
Attack and Defense Labs
Attack and Defense Labs
博客园 - 聂微东
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
P
Privacy International News Feed
Cloudbric
Cloudbric
G
GRAHAM CLULEY
博客园 - 叶小钗
H
Hacker News: Front Page
腾讯CDC
量子位
Help Net Security
Help Net Security
人人都是产品经理
人人都是产品经理
C
Cyber Attacks, Cyber Crime and Cyber Security
月光博客
月光博客
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
宝玉的分享
宝玉的分享
爱范儿
爱范儿
L
Lohrmann on Cybersecurity
Hacker News - Newest:
Hacker News - Newest: "LLM"
Recorded Future
Recorded Future
C
CERT Recently Published Vulnerability Notes

Forbes - Innovation

Why Do Humans Have Fingerprints? Hint: It’s Not What You Think Booking.com Confirms Data Breach, Reservation PIN Codes Changed Why Major News Sites Are Blocking The Internet Archive’s Wayback Machine iPhone Fold Release Date: New Report Details Frustrating Apple News Comet Tracker: How To See Pan-STARRS And Three Planets On Wednesday NYT Mini Crossword Today: Tuesday, April 14 Hints And Answers Today’s NYT Strands Hints, Spangram, Answers: Tuesday, April 14 (It’s A Little Unclear) Today’s Wordle #1760 Hints And Answer For Tuesday, April 14 Most Of The Microplastics In Urban Air Come From Tires Today’s Wordle #1759 Hints And Answer For Monday, April 13 NYT Mini Crossword Today: Monday, April 13 Hints And Answers NYT Pips Today: Hints, Answers And Walkthrough For Monday, April 13 The YC Chief Who Codes 10,000 Lines A Day Has A Simple Secret Samsung Expands One UI 8.5 Beta To More Galaxy Owners Why You Should Stop Using Your iPhone If It’s On This List Chamath Says Firms That Treat AI As A Strategy Hand Rivals Their Edge 3 Unexpected Habits Of Secure Couples, By A Psychologist The First Lamp That Folds Your Clothes Samsung’s Disappointing Price Update For Galaxy Phone Buyers 3 Subtle Signs Someone Is Falling In Love With You, By A Psychologist Do Mantis Shrimp See More Colors Than Humans? A Biologist Explains NYT Connections Answers Explained For Monday, April 13 (#1,037) NYT Connections Hints Today: Monday, April 13 Clues And Answers (#1,037) LEGO Luigi & Mach 8 (72050) Review: 2026’s Best Set Yet? Marc Andreessen Says AI Productivity Will Trigger A Hiring Boom 3D Printing Is The Ultimate Hack To Reduce Household Spending Apple iPhone Fold: Striking Design Revealed In Leaked Photos Apple Smart Glasses: New Leak Reveals A Major Design Twist To Beat Meta Tested: The AI Coming To The Rivian R2 Quordle Hints Today: Monday, April 13 Clues And Answers Companies And H-1B Employees Endure Immigration Waits At Consulates 3 Easy Ways To Turn Anxiety Into Sustained Focus, By A Psychologist Here’s The Most Affordable Humanoid Robot You Can Buy Now UFC 327 Results: 5 Biggest Takeaways From A Wild Night In Miami UFC 327 Results, Bonus Winners, Highlights And Reactions Dana White Announces Huge New Fight For UFC White House Today’s NYT Strands Hints, Spangram, Answers: Sunday, April 12 (Get Ready) Tesla ‘Model 2’ Rises From The Ashes Today’s Wordle #1758 Hints And Answer For Sunday, April 12 NYT Pips Today: Hints, Answers And Walkthrough For Sunday, April 12 Tyson Fury Vs. Arslanbek Mahkmudov Results: Highlights and Reaction NYT Mini Crossword Today: Sunday, April 12 Hints And Answers How Shadow AI Culture Is Destroying Your Business Venture Capital Funds That Market Like Startups Win More Deals Conor Benn Vs. Regis Prograis Results: Highlights and Reaction Samsung’s Disappointing Price Update For Galaxy Phone Buyers Artemis Reached The Moon. The Grid Can Reach The 21st Century A Biologist Explains How Archerfish Shoot Down Prey. Hint: Their Aim Rivals Human Throwing Is It Time For Apple To Forget About The MacBook Air NYT Connections Hints Today: Sunday, April 12 Clues And Answers (#1036) Trump’s 2027 Budget To Reshape U.S. Environmental And Energy Policy CDC Delays Reporting Of COVID-19 Vaccine Benefits—Here’s What To Know Oura Has Designed A Solution To A Big Smart Ring Problem Netflix’s Best New Show Has A Near-Perfect 95% Rotten Tomatoes Score Coachella 2026 Is Being Taken Over By Creator Streams Quordle Hints Today: Sunday, April 12 Clues And Answers This Startup Wants To Use AI To Help Digitize History How To Get The Best Shield In ‘Crimson Desert’ Microsoft Venom Attack Targets C-Suite Executives ‘Maul: Shadow Lord’ Sets Even More Star Wars Rotten Tomatoes Records 3 Ways Happy Couples Argue Differently, By A Psychologist Success For Leapmotor Might Have Negatives For Stellantis New Names Surface As Potential Rogue And Wonder Woman In The MCU And DCU 4 Reasons Artemis Mission Matters Even If You Think It Is Wasteful Fast ‘Crimson Desert’ Patch Adds New Moves, Shield Hiding And One Great Feature Why Do Humans Blush? An Evolutionary Biologist Explains The Signal We Can’t Control Apple iPhone Fold: Striking Design Revealed In Leaked Photos Adobe Attacks Underway—Windows And Mac Users Given 72 Hours To Update iOS 26.4.1 Release: Crucial iPhone Feature Update Arrives, But No Security Fix Fury vs. Makhmudov Full Card, Ring Walk Times and How to Watch Can’t Stand Liquid Glass? This New Hidden iPhone Setting Is A Game-Changer Test-Driving The 2026 Changan Deepal S05: Italian Style Made In China NSA Warning—Reboot Your Internet Router Now Ways That Human-AI Collaboration Slides People Into ‘AI Brain Fry’ And Cognitive Downturns Stop Using These Networks—Google, NSA And TSA Warn NASA Changes Moon Plan: Landing Now Depends On SpaceX Or Blue Origin Samsung Expands One UI 8.5 Beta To More Galaxy Owners The Evolution Of Programmable Hardware At Xilinx NYT Mini Today: Saturday, April 11 Hints And Answers Today’s NYT Strands Hints, Spangram, Answers: Saturday, April 11 (You’re Putting Me On) Splashdown! NASA’s Artemis II Returns To Earth After Moon Mission Attention Is All You Need. The Human Kind Is Still The One That Counts Today’s Wordle #1757 Hints And Answer For Saturday, April 11 NYT Pips Today: Hints, Answers And Walkthrough For Saturday, April 11 Android Circuit: Galaxy S27 Pro Emerges, Honor 600 Pre-Order Offers, Pixel 11 Display Leaks Apple Loop: iPhone 18 Pro Leak, Urgent iOS Update, MacBook Neo Issues Morgan Stanley Has Mostly Positive Outlook On Tesla Robotaxi, FSD V15 Running Out Of AI Tokens Faster Than Ever? Here’s Why CoreWeave Shares Pop 13% After Anthropic Deal ‘Euphoria’ Season 3’s Rotten Tomatoes Score Crashes, Has Lost Key Player People Don’t Agree On What AI Can Do, But They Don’t Even Use The Same Product ‘Overwhelming’—Google Issues Gemini Update For Gmail Users NYT Connections Hints Today: Saturday, April 11 Clues And Answers (#1035) Quordle Hints Today: Saturday, April 11 Clues And Answers The Costly Dream Of Space-Based AI Infrastructure Can You See The Watcher In This ‘Daredevil: Born Again’ Shot? Adobe Attacks Underway—Windows And Mac Users Given 72 Hours To Update You Just Watched The Backdoor Pilot For ‘The Pitt: Night Shift’ Are Nicotine Pouches Like Zyn And VELO Safe To Use? A Doctor Answers Human Resources (HR) Is The Key To AI Success Per WalkMe ( SAP)
CrowdStrike’s Next Act: Securing The Era Of Enterprise Agentic AI
Steve McDowell · 2026-04-17 · via Forbes - Innovation
AI Security

AI Security

getty

A decade ago, enterprises hesitated to move critical workloads to the cloud. The technology was capable, but governance wasn’t. Security vendors that positioned themselves as the control layer captured enormous market value, CrowdStrike among them. The company's Falcon platform rode the cloud transition, becoming a dominant force in enterprise security. Now CrowdStrike is making the same bet on AI, and the evidence suggests it has a head start.

The threat environment has shifted in ways that make that bet urgent. CrowdStrike CEO George Kurtz disclosed at the recent RSA Conference 2026 in San Francisco that the fastest recorded adversary breakout time, the window between initial access and lateral movement inside a network, has dropped to 27 seconds, with the average now at 29 minutes, down from 48 minutes in 2024. The company's 2026 Global Threat Report found an 89 percent year-over-year increase in attacks in which adversaries deployed AI. These are measurements of what is already happening, not projections.

Michael Sentonas, CrowdStrike's president, puts the consequences of frontier AI models in blunt terms: the cost equation for attackers has changed permanently. "You do not need any capability," Sentonas told me in a recent briefing. "You just need a prompt and intent." The democratization of sophisticated attack capabilities has now reached its logical endpoint. Every organization, regardless of size or sector, faces the possibility of encountering a zero-day-class threat on any given day.

The Platform Response

CrowdStrike’s response to this environment is an expansion of its Falcon platform across the full AI security stack, announced at RSAC 2026. Its strategy treats the enterprise endpoint as the control plane for AI governance. This is the place where AI agents ultimately execute, data flows, and malicious or unauthorized behavior can be intercepted in real time.

CrowdStrike’s platform covers several interconnected problems:

  • Shadow AI Discovery identifies AI applications and agents running across enterprise endpoints without authorization from the security team. CrowdStrike says it has already discovered more than 1,800 distinct AI applications running on enterprise endpoints across its customer base.
  • AI Detection and Response intercepts prompts sent to language models, provides visibility into which queries are submitted, and enables organizations to block or flag content categories before they reach the model. The capability uses a language model for detection rather than signatures, which matters because prompt injection attacks evolve faster than rule sets can keep up.
  • Charlotte AI AgentWorks opens the Falcon platform to external AI providers, enabling enterprises to build custom security agents on Falcon with frontier models. Launch partners include Anthropic, AWS, NVIDIA, OpenAI, and Salesforce, among others.
  • Falcon Next-Gen SIEM now ingests Microsoft Defender for Endpoint telemetry without requiring additional sensors, dramatically lowering the barrier to adoption for Microsoft-centric organizations seeking to leverage CrowdStrike's security operations capabilities without displacing existing tooling.

The architectural logic is consistent across all these capabilities: because AI agents run on endpoints, access data via identity credentials, and trigger downstream workflows, securing them requires sensor-level visibility at the device level. This is the same visibility that CrowdStrike built its business on.

Sentonas frames the agent problem precisely, saying, "you're not just securing software. You're securing autonomous behaviors." He went on to say that traditional perimeter and application controls were not built for systems that are goal-seeking by design.

AI Builders Ring the Alarm

The most significant recent development in AI-driven cybersecurity did not come from a security vendor, but from the frontier model builders themselves. Both Anthropic and OpenAI have concluded that the offensive capabilities of their most advanced models now require a structured, restricted approach to deployment. Both have also launched formal programs to put those capabilities in defenders' hands first.

Anthropic’s Project Glasswing

Anthropic launched Project Glasswing alongside a limited preview of Claude Mythos, its most capable model to date. The trigger was straightforward. During internal testing, Mythos demonstrated the ability to autonomously identify and exploit zero-day vulnerabilities across all major operating systems and web browsers.

Faced with a model that surpasses even the most skilled human security researchers at finding exploitable flaws, Anthropic chose not to release it publicly. Instead, it assembled a coalition of twelve founding partners, committed up to $100 million in usage credits, and structured access with a binding requirement that the model be used exclusively for defensive purposes.

The founding partner list for Project Glasswing reads like a cross-section of the organizations responsible for the largest portion of the world's shared attack surface, including Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks.

The presence of both CrowdStrike and Palo Alto, the two largest independent cybersecurity vendors, alongside hyperscalers and critical infrastructure operators, highlights Anthropic's intent to bring adversarial expertise, not just compute capability, into the feedback loop.

Sentonas described CrowdStrike's role as a closed-loop arrangement in which the company contributes real-world intelligence gathered by tracking 280-plus adversary groups daily, evaluates how the model can be used offensively, and provides feedback on the guardrails required before broader deployment.

OpenAI Trusted Access for Cyber Program

Days later, OpenAI followed with a parallel but structurally distinct approach. The company unveiled GPT-5.4-Cyber, a variant of its latest flagship model, fine-tuned for defensive security work, including binary reverse-engineering capabilities that enable analysis of compiled software without access to the source code. It also expanded its Trusted Access for Cyber program, introduced in early 2026.

While Anthropic restricted Mythos to 12 named partners plus roughly 40 additional vetted organizations, OpenAI opted for a tiered identity-verification model designed to scale to thousands of individual defenders and hundreds of security teams.

Two Approaches, One Goal

The philosophical difference is meaningful. Anthropic controls access through organizational vetting and contractual obligations, while OpenAI controls access through identity verification and know-your-customer processes, with the goal of making the capability as broadly available as responsible practice allows. CrowdStrike is also integrated into the OpenAI ecosystem, and the Falcon platform's AIDR capability already works with OpenAI's models.

The two initiatives converge on the core idea that the capabilities now embedded in frontier models are too dangerous to release without governance structures, and that security vendors are best positioned to build them.

That philosophy elevates the strategic importance of firms in both programs. Palo Alto Networks participates in Project Glasswing, and CrowdStrike participates in both programs. Security vendors outside these coalitions face a growing capability gap that market position alone cannot close.

The Competitive Landscape

CrowdStrike is not alone in pursuing AI security as a platform expansion. Palo Alto Networks announced Prisma AIRS 3.0 at RSAC, extending its cloud security platform to AI agents with runtime controls and an agentic identity provider. Microsoft has integrated AI security into its Defender and Sentinel stack, and the combination of Microsoft Sentinel and Security Copilot offers a credible alternative architecture for organizations already standardized on Microsoft. Startups such as HiddenLayer and Protect AI focus specifically on machine learning model security, a narrower but technically deep segment of the problem.

CrowdStrike's differentiation rests on three factors that are difficult to replicate quickly:

  • Its existing endpoint footprint provides telemetry coverage that no new entrant or adjacent vendor has yet achieved.
  • Its position within both the Glasswing and TAC ecosystems places it directly within the development cycle of the most capable models from both major frontier AI providers, giving it early insight into offensive potential and defensive requirements before those capabilities reach the broader market.
  • The breadth of its RSAC partner announcements — spanning Anthropic, OpenAI, NVIDIA, Salesforce, AWS, and Intel, among others — reflects ecosystem positioning that takes years to build.

For enterprises evaluating AI security vendors, the Glasswing and TAC partnerships serve as useful proxies for assessing depth. Participation is not self-selected, as both Anthropic and OpenAI chose their partners based on their ability to contribute adversarial expertise and endpoint coverage, rather than on commercial relationships. Vendors in those programs have access to model capabilities and vulnerability intelligence that others do not. That gap widens as frontier models continue to improve.

Analyst’s Take

CrowdStrike's financial results reflect what Sentonas describes as the largest driver of security demand since enterprise computing moved to the cloud. The company has reported two consecutive quarters of reacceleration in its core endpoint business, which it attributes directly to enterprise concerns about whether legacy security tooling can handle AI-era threats. Falcon Next-Gen SIEM grew 75 percent year-over-year as of the company's Q4 FY26 earnings.

These numbers reflect a buyer dynamic in which enterprises are upgrading because they believe their current posture is inadequate, and that assessment is narrowing as AI agent deployments move from pilot to production.

The urgency is also evident in the broader regulatory environment. The EU AI Act's next enforcement phase takes effect later this year, imposing cybersecurity requirements on high-risk AI systems and incident-reporting obligations, with penalties of up to 3% of global revenue.

Enterprises deploying AI in regulated industries now need the technical controls to demonstrate compliance, not merely the intent to provide them. CrowdStrike's AIDR capability, with its audit trail, prompt visibility, and policy enforcement, directly addresses that requirement. For organizations that have deferred AI governance investment, the window to do so quietly is closing.

The coordinated moves by Anthropic and OpenAI to gate their most capable cyber models signal something broader than product strategy. Both companies have concluded that frontier AI capability and cybersecurity are now inseparable. This means the most powerful models can’t be deployed without involving the firms that understand how those capabilities will be weaponized.

CrowdStrike's argument is not that it has solved the AI security problem. Rather, it is that it built the platform, the telemetry base, and the adversarial intelligence over a decade, making it the right partner as that problem scales. The frontier model builders appear to agree.