CrowdStrike today announced Falcon OverWatch for Defender, extending industry-leading managed threat hunting to Microsoft endpoint customers. Falcon OverWatch for Defender strengthens security outcomes for Microsoft Defender with enhanced visibility, real-time detection and response, and continuous expert monitoring to identify and stop sophisticated threats that would otherwise go undetected, extending the value of existing endpoint deployments. For organisations standardised on Microsoft Defender, automated detections alone leave gaps that today's AI-accelerated adversaries are built to exploit.
82% of detections in 2025 were malware-free (CrowdStrike 2026 Global Threat Report).
Breakout times as fast as 27 seconds.
Falcon OverWatch tracks over 280 nation-state, eCrime, and hacktivist groups.
Analyses up to 6.2 trillion events per day with patented AI and proprietary detection patterns.
Can reduce alert volume up to 500x with 98% true positives.
Up to 95% reduction in threat hunting staffing costs.
According to the CrowdStrike 2026 Global Threat Report, 82% of detections in 2025 were malware-free. Adversaries are increasingly using AI, trusted identities, and legitimate tools to accelerate attacks, blend into normal activity, and evade detection. At the same time, frontier AI models are surfacing a surge of new vulnerabilities adversaries can exploit. With breakout times as fast as 27 seconds, alert-driven approaches alone cannot keep pace. Identifying and stopping stealthy threats requires continuous, intelligence-driven threat hunting. Powered by the AI-native Falcon platform and deep adversary expertise, Falcon Adversary OverWatch's elite threat hunters rapidly uncover and disrupt evasive threats.
Falcon OverWatch for Defender uncovers subtle patterns of attack, escalates high-confidence threats, and guides response to disrupt sophisticated threats that might otherwise go undetected, without impacting existing protections. Key features include Adversary Intelligence-Driven Hunting, in which CrowdStrike tracks over 280 of the world's most sophisticated nation-state, eCrime, and hacktivist groups and uses this intelligence to identify real threat actor behaviour and deliver high-confidence detections; AI-Powered Threat Hunting at Machine Speed and Scale, in which the OverWatch team analyses up to 6.2 trillion events per day, uncovering stealthy and novel threats; and Power of the Crowd, in which visibility across CrowdStrike's vast global customer base lets OverWatch rapidly apply new techniques identified in one environment across others, enabling earlier detection and response, a capability no single-customer deployment can replicate.
About CrowdStrike
CrowdStrike, a global cybersecurity leader, has redefined modern security with the world's most advanced cloud-native platform for protecting critical areas of enterprise risk – endpoints and cloud workloads, identity and data. Powered by the CrowdStrike Security Cloud and world-class AI, the CrowdStrike Falcon platform leverages real-time indicators of attack, threat intelligence, evolving adversary tradecraft, and enriched telemetry from across the enterprise to deliver hyper-accurate detections, automated protection and remediation, elite threat hunting, and prioritised observability of vulnerabilities.