CrowdStrike launches Falcon MalQuery cybersecurity engine capabilities

The search engine has a new malware search and detection component for threat indexing.
Written by Charlie Osborne, Contributing Writer

CrowdStrike has unveiled new malware and intelligence gathering capabilities for the Falcon cybersecurity search engine.

On Tuesday, the cybersecurity firm said the CrowdStrike Falcon search engine now includes a malware search and intelligence component. Dubbed MalQuery, this bolt-on feature can be used to more clearly see and utilize threat intelligence gained from the Internet.

Cyberattack rates show no signs of stopping and are becoming more complex in some cases, and simply more accessible in others. State-sponsored attackers are given budgets large enough to compromise mobile devices, business networks, and even turn global events such as elections, while your average script kiddie now has access to cheap tools and ready-made malware which can be used to target both SMBs and your average consumer.

In order to try and keep ahead of these trends, CrowdStrike's search engine uses over 560TB of files and analyzes over 51 billion events per day to create a benchmark database for security researchers and IT professionals to quickly utilize in recognizing and shutting down suspicious activity.

Users are able to search across file metadata, the binary contents of the file itself, as well as the threat intelligence related to the file.

CrowdStrike says the new MalQuery search capabilities now have improved the speed of the search engine significantly, as well as faster, more accurate results will which also benefit the user.

"This yields high fidelity results and empowers the researcher to take informed action based on only the most relevant search results and their related threat intelligence," the company says.

In addition, the search engine also offers protection rule suggestions to lower the risk of future attacks.

"Today's threat landscape demands speed and precision - some of the best minds in cybersecurity are hampered by slow search tools and limited data sets," said George Kurtz, CrowdStrike co-founder and CEO. "We believe that real-time data access is how cybersecurity professionals can get ahead of modern-day threats, and we've built the fastest AI-enabled platform that makes this possible. With today's launch, we are fundamentally changing the game by empowering threat researchers to outpace the adversary with this solution."

See also: Dump the snake oil and show security researchers some respect

Earlier this month, security outfit Rapid7 acquired security orchestration and automation company Komand. The firm hopes that Komand technology can pave the way for enterprise customers to take advantage of streamlined security solutions.

Editorial standards