Microsoft and CrowdStrike Align to Deduplicate 80% of Threat Actors

Microsoft and CrowdStrike have announced a strategic collaboration aimed at enhancing the coordination and tracking of cyber threat actors across different security vendors. This partnership focuses on mapping threat actor aliases and aligning attacker attributions across various platforms, thereby reducing the confusion caused by different naming systems. The goal is to accelerate the response of network defenders to complex cyber threats.
The two companies have developed a shared network threat intelligence mapping system. This system connects attacker identifiers across different supplier ecosystems without enforcing a single naming standard. By doing so, it allows for a more cohesive approach to identifying and mitigating cyber threats. This mapping reduces the ambiguity of attacker labels, enabling defenders to make faster and more confident decisions.
Adam Meyers, the head of CrowdStrike's OverWatch team, emphasized the importance of this collaboration. He stated, "Attackers hide behind the chaos created by technological and inconsistent naming. As defenders, our job is to stay ahead and ensure that security teams clearly understand who is attacking them and how to respond."
In addition to mapping threat actor aliases, the collaboration also involves coordinating the naming of attackers between CrowdStrike and Microsoft's threat research teams. The two companies have already successfully "deduplicated" over 80 threat actors, meaning they have aligned their naming conventions for these actors to ensure consistency across their platforms.
This partnership represents a significant step forward in improving cybersecurity by fostering better collaboration among security vendors. By sharing threat intelligence and aligning their approaches to identifying and tracking threat actors, Microsoft and CrowdStrike are setting a new standard for cooperation in the cybersecurity industry. This collaboration is expected to benefit not only the two companies but also the broader cybersecurity community, as it promotes a more unified and effective response to cyber threats.