New CrowdStrike Innovations Secure AI Agents and Govern Shadow AI Across Endpoints, SaaS, and Cloud
Summary
Organizations deploying AI tools and agents are exposing themselves to new classes of attack, particularly indirect prompt injection (tricking an AI by hiding malicious instructions in its input) and agentic tool chain attacks (compromising the sequence of tools an AI agent uses). CrowdStrike is addressing this gap by expanding its Falcon platform with new AI detection and response capabilities that monitor desktop AI applications, discover shadow AI (unauthorized AI tools), and detect threats across endpoints, cloud, and SaaS environments.
Solution / Mitigation
CrowdStrike Falcon AIDR is extending runtime threat detection to desktop AI applications (ChatGPT, Gemini, Claude, DeepSeek, Microsoft Copilot, O365 Copilot, GitHub Copilot, and Cursor) with visibility into prompt content and the ability to detect prompt attacks and data leaks. The capability is currently in pre-beta and will be generally available in Q2. Additionally, AI Discovery in CrowdStrike Falcon Exposure Management, now generally available, automatically discovers AI-related components running on endpoints in real time, including AI apps, agents, LLM (large language model) runtimes, MCP (Model Context Protocol) servers, and IDE extensions.
Original source: https://www.crowdstrike.com/en-us/blog/new-crowdstrike-innovations-secure-ai-agents-govern-shadow-ai/
First tracked: March 23, 2026 at 02:00 PM
Classified by LLM (prompt v3) · confidence: 88%