CrowdStrike Expands Managed Threat Hunting with Falcon OverWatch for Defender for Microsoft Endpoint Users
CrowdStrike has expanded its industry-leading Falcon OverWatch for Defender managed threat hunting service to Microsoft Defender endpoint users. This service leverages AI and human expertise to identify and stop sophisticated attacks that bypass automated detection, significantly improving security outcomes.
📋 Article Processing Timeline
- 📰 Published: May 22, 2026 at 20:00
## Overview
CrowdStrike (NASDAQ: CRWD) today announced the expansion of its industry-leading Falcon OverWatch for Defender managed threat hunting to Microsoft Defender endpoint users. Falcon OverWatch for Defender features expanded visibility, real-time detection and response, and continuous expert-led monitoring, enhancing Microsoft Defender security outcomes by identifying and stopping sophisticated, undetected threats, thereby adding value to existing endpoint deployments.
Organizations standardizing on Microsoft Defender face gaps where automated detection alone falls short, leaving them vulnerable to attackers who use the latest AI to accelerate their operations. Falcon OverWatch for Defender addresses these gaps through continuous, expert-driven threat hunting that identifies and stops threats before they escalate. This announcement is part of CrowdStrike's ongoing support for Microsoft environments following the launch of Falcon OverWatch for Defender.
Adam Meyers, Head of Counter Adversary Operations at CrowdStrike, stated: "Today's attacks are highly stealthy and move fast, designed to evade detection, making expert-led threat hunting indispensable. OverWatch for Defender extends proven threat hunting to Microsoft environments, delivering the most important outcome for our customers: preventing breaches."
## Proactively Hunting Stealthy Attackers
According to the "CrowdStrike 2026 Global Threat Report," 82% of threats detected in 2025 were malware-free. Attackers are increasingly abusing AI, trusted identities, and legitimate tools to accelerate attacks while blending into normal business activities to evade detection. Meanwhile, the development of frontier AI models is creating new vulnerabilities that attackers can exploit. With breakout times as short as 27 seconds, alert-driven approaches are insufficient. Identifying and stopping stealthy threats requires continuous, intelligence-driven threat hunting. Elite threat hunters from Falcon Adversary OverWatch utilize the AI-native CrowdStrike Falcon platform and deep expertise on adversaries to quickly discover and stop evasive threats.
## Falcon OverWatch for Defender
Falcon OverWatch for Defender detects sophisticated attack patterns, escalates high-confidence threats, and provides actionable guidance to stop them, eliminating undetected threats without impacting existing protection functionality.
Key features and benefits include:
- **Adversary Intelligence-Led Hunting**: CrowdStrike tracks over 265 of the world's most sophisticated state-sponsored, cybercrime (eCrime), and hacktivist groups. Industry-leading threat hunters leverage this intelligence to identify real adversary behaviors, enabling high-confidence detection and stopping sophisticated attacks.
- **AI-Powered, Machine-Speed, Machine-Scale Threat Hunting**: The OverWatch team utilizes patented AI, proprietary detection patterns, and deep adversary expertise to analyze up to 6.2 trillion events per day, uncovering new stealthy threats.
- **Power of the Cloud**: OverWatch leverages visibility from CrowdStrike's vast global customer base, quickly applying new techniques identified in one environment to others for faster detection and response—an advantage that cannot be replicated in isolated customer deployments.
Customer case studies show that Falcon OverWatch implementation reduced alert volume by up to 500x, achieved a 98% true positive rate, and cut threat hunting personnel costs by up to 95%. OverWatch for Defender brings these proven results to Microsoft Defender customers.
## FAQ
**What is Falcon OverWatch for Defender?**
A managed threat hunting service for Microsoft Defender users, in which CrowdStrike experts proactively identify and stop stealthy attacks that bypass automated detection.
**What are the benefits of implementation?**
It drastically reduces alert fatigue and enables high-precision detection and response, significantly lowering security team costs.
**What kind of threats can it handle?**
It handles stealthy, modern threats, including AI-leveraged attacks and malware-free attacks that use trusted identities and tools.