Microsoft and CrowdStrike collaborate to share information on cyber attackers
Microsoft collaborates with CrowdStrike to coordinate the identification and tracking of cyber threat actors across security vendors. By mapping attacker aliases and aligning attacker attribution, confusion caused by different naming systems is reduced, accelerating the response of cyber defenders. Both parties have developed a shared cyber threat intelligence mapping system that connects attacker identifiers across different ecosystems, successfully deduplicating over 80 attackers
According to Zhitong Finance APP, Microsoft (MSFT.US) and CrowdStrike (CRWD.US) are collaborating to coordinate the identification and tracking of cyber threat actors across security vendors.
The two companies stated that by mapping the aliases of cyber threat actors and aligning attacker attribution across platforms, this collaboration reduces confusion caused by different naming systems and accelerates the response of cyber defenders to complex attackers.
The two companies have developed a shared cyber threat intelligence mapping system that connects attacker identifiers across different vendor ecosystems without mandating a single naming standard.
They claim that by reducing the ambiguity of attacker labels, this mapping enables defenders to make decisions more quickly and confidently.
Adam Meyers, Senior Vice President of Intelligence at CrowdStrike, stated, "Attackers hide behind the confusion caused by technology and inconsistent naming. As defenders, our job is to stay ahead and make sure security teams clearly know who is attacking them and how to respond."
The two companies also mentioned that this collaboration will coordinate the attacker naming between the CrowdStrike and Microsoft threat research teams. Currently, both sides have successfully deduplicated over 80 attackers
