signature-based tools, cross-domain attacks demand full visibility across systems.
Falcon Next-Gen SIEM forms the AI-powered foundation of security operations. By unifying first- and third-party data, threat intelligence and AI-driven automation, it provides defenders with comprehensive visibility and the ability to respond at AI speed. It maps the full attack path and correlates suspicious behaviours missed by legacy tools.
The report highlights adversaries’ increasing focus on attacking AI deployments. Why is this occurring?
AI systems are expanding the organisational attack surface. Autonomous workflows and non-human identities are high-value targets. Attackers exploit AI tools to gain unauthorised access, establish persistence, harvest credentials and deploy malware or ransomware.
As enterprises adopt AI to boost efficiency and speed, securing deployed AI tools and models becomes critical. This includes monitoring
CrowdStrike 2025 Threat Hunting Report – key findings
• A major shift in cyberattacks as adversaries weaponise GenAI to scale operations and accelerate attacks, increasingly targeting autonomous AI agents.
• Advanced groups like FAMOUS CHOLLIMA are integrating GenAI into insider operations.
• Lower-tier eCrime actors use AI to generate scripts, solve technical problems and build malware.
• Multiple actors exploit vulnerabilities in AI agent development tools, gaining access, persistence and credentials while deploying malware and ransomware.
• The agentic AI revolution is expanding the enterprise attack surface, turning autonomous workflows and non-human identities into prime targets.
integrations, preventing model tampering and detecting misconfigurations.
AI Security Posture Management( AI-SPM) delivers visibility and protection for AI models by identifying vulnerabilities and misconfigurations. Falcon Shield secures AI agents across SaaS environments by mapping agents to human creators, detecting risky
WWW. INTELLIGENTCISO. COM 39