In a major leap for cybersecurity operations, CrowdStrike has unveiled Falcon Adversary OverWatch Next-Gen SIEM, the industry’s first managed threat hunting solution that extends across third-party data sources — a significant expansion of its elite OverWatch capabilities.
Traditionally focused on endpoints, identity, and cloud environments, Falcon OverWatch now delivers 24/7 expert threat detection across previously unmanaged and siloed systems, including firewalls, VPNs, and email gateways — areas long targeted by stealthy adversaries.
“Today’s attackers exploit complexity and blind spots,” said Adam Meyers, Head of Counter Adversary Operations at CrowdStrike. “By extending OverWatch to third-party data, we eliminate those blind spots and bring unified visibility and expert-driven insights to every corner of the attack surface.”
The announcement targets growing gaps in Security Operations Centers (SOCs), where sprawling infrastructures and disjointed tools have made rapid detection and response increasingly difficult. CrowdStrike’s latest solution integrates seamlessly with Falcon Next-Gen SIEM, which unifies native and third-party telemetry, real-time intelligence, and AI-powered automation.
Key innovations include:
- Expert-Led Threat Hunting Across All Attack Surfaces: Delivers round-the-clock threat hunting using third-party data alongside first-party telemetry, extending visibility to edge devices and legacy infrastructure.
- User and Entity Behavior Analytics (UEBA): Uses advanced ML and AI to detect insider threats and lateral movement, while centralized case management accelerates investigations.
- Unified Identity Security Integration: Combines Falcon Identity Protection and Falcon Next-Gen SIEM to detect identity-based threats and automate responses like account lockouts and MFA enforcement via Falcon Fusion SOAR.
- CrowdStrike Pulse Services: Offers modular, expert-led consulting to boost SOC resilience with ransomware readiness, asset protection, and rapid response strategies.
With adversaries like FAMOUS CHOLLIMA and OPERATOR PANDA exploiting the weakest digital links, CrowdStrike’s move signals a paradigm shift — delivering proactive, expert-led defense at machine speed across the full digital ecosystem.