CrowdStrike was co-founded by
George Kurtz (CEO),
Dmitri Alperovitch (former CTO), and Gregg Marston (CFO, retired) in 2011.[7][8][9][10] In 2012, Shawn Henry, a former
Federal Bureau of Investigation (FBI) official, was hired to lead the subsidiary CrowdStrike Services, Inc., which focused on proactive and incident response services.[11][12] In June 2013, the company launched its first product, CrowdStrike Falcon, which provided endpoint protection, threat intelligence and attribution.[13][14]
In May 2014, CrowdStrike's reports assisted the
United States Department of Justice in charging five Chinese military hackers for economic
cyber espionage against United States corporations.[15] CrowdStrike also uncovered the activities of
Energetic Bear, a group connected to the
Russian Federation that conducted intelligence operations against global targets, primarily in the energy sector.[16]
After the
Sony Pictures hack, CrowdStrike uncovered evidence implicating the government of North Korea and demonstrated how the attack was carried out.[17] In 2014, CrowdStrike played a major role in identifying members of Putter Panda, the state-sponsored Chinese group of hackers also known as
PLA Unit 61486.[18][19]
In May 2015, the company released information about
VENOM, a critical flaw in an open-source
hypervisor called
Quick Emulator (QEMU), that allowed attackers to access sensitive personal information.[20][21] In October 2015, CrowdStrike announced that it had identified Chinese hackers attacking technology and pharmaceutical companies around the time that
US PresidentBarack Obama and China's
Paramount leaderXi Jinping publicly agreed not to conduct economic espionage against each other. The alleged hacking would have been in violation of that agreement.[22]
CrowdStrike released research in 2017 showing that 66 percent of the attacks the company responded to that year were fileless or malware-free. The company also compiled data on the average time needed to detect an attack and the percentage of attacks detected by organizations.[23]
In February 2018, CrowdStrike reported that, in November and December 2017, it had observed a credential harvesting operation in the international sporting sector, with possible links to the cyberattack on the
opening ceremonies of the Winter Olympics in Pyeongchang.[24] That same month, CrowdStrike released research showing that 39 percent of all attacks observed by the company were malware-free intrusions. The company also named which industries attackers most frequently targeted.[25] That March, the company released a version of Falcon for mobile devices and launched the CrowdStrike store.[26]
In January 2019, CrowdStrike published research reporting that
Ryuk ransomware had accumulated more than $3.7 million in cryptocurrency payments since it first appeared in August.[27][28]
According to CrowdStrike's 2018 Global Threat Report, Russia has the fastest cybercriminals in the world.[29][30] The company also claimed that, of 81 named state-sponsored actors it tracked in 2018, at least 28 conducted active operations throughout the year, with China being responsible for more than 25 percent of sophisticated attacks.[31]
In September 2020, CrowdStrike acquired zero trust and conditional access technology provider Preempt Security for $96 million.[32]
In March 2021, CrowdStrike acquired Danish
log management platform Humio for $400 million.[33] Official CrowdStrike releases noted that the acquisition is to further their
XDR capability.
In November 2021, CrowdStrike acquired SecureCircle for $61 million, a SaaS-based cybersecurity service that extends
Zero Trust security to data on, from and to the endpoint.[34]
In December 2021, CrowdStrike moved its headquarters location from
Sunnyvale, California to Austin, Texas.[35]
In March 2023, CrowdStrike released the ninth annual edition of the cybersecurity leader's seminal report citing surge in global identity thefts.[36]
In 2023,
CrowdStrike introduced CrowdStream service in collaboration with
Cribl.[37]
Funding
In July 2015,
Google invested in the company's
Series C funding round, which was followed by Series D and Series E, raising a total of $480 million as of May 2019.[38][39][40] In 2017, the company reached a valuation of more than $1 billion with an estimated annual revenue of $100 million.[41] In June 2018, the company said it was valued at more than $3 billion.[39] Investors include
Telstra, March Capital Partners,
Rackspace,
Accel Partners and
Warburg Pincus.[42][43]
In June 2019, the company made an initial public offering (
IPO) on the
NASDAQ.[44][45]
Russian hacking investigations
CrowdStrike helped investigate the
Democratic National Committee cyberattacks and a connection to Russian intelligence services. On March 20, 2017,
James Comey testified before congress stating, "CrowdStrike,
Mandiant, and
ThreatConnect review[ed] the evidence of the hack and conclude[d] with high certainty that it was the work of
APT 28 and
APT 29 who are known to be Russian intelligence services."[46]
In December 2016, CrowdStrike released a report stating that Russian government-affiliated group
Fancy Bear had hacked a Ukrainian artillery app.[47] They concluded that Russia had used the hack to cause large losses to Ukrainian artillery units. The app (called ArtOS) is installed on tablet PCs and used for fire-control.[48] CrowdStrike also found a hacked variation of POPR-D30 being distributed on Ukrainian military forums that utilized an
X-Agent implant.[49]
The
International Institute for Strategic Studies rejected CrowdStrike's assessment that claimed hacking caused losses to Ukrainian artillery units, saying that their data on Ukrainian D30 howitzer losses was misused in CrowdStrike's report. The Ukrainian Ministry of Defense also rejected the CrowdStrike report, stating that actual artillery losses were much smaller than what was reported by CrowdStrike and were not associated with Russian hacking.[50]
Cybersecurity firm SecureWorks discovered a list of email addresses targeted by Fancy Bear in phishing attacks.[51] The list included the email address of Yaroslav Sherstyuk, the developer of ArtOS.[52] Additional
Associated Press research supports CrowdStrike's conclusions about Fancy Bear.[53]Radio Free Europe notes that the AP report "lends some credence to the original CrowdStrike report, showing that the app had, in fact, been targeted."[54]
2021 AWS Global Public Sector Partner Award for best cybersecurity solution[61]
2021 Canada AWS Partner Award as the ISV Partner of the Year[62]
2021 Ranked #1 for Modern Endpoint Security 2020 Market Shares in IDC's Worldwide Corporate Endpoint Security Market Shares, 2020 Report[63]
Motorsport
Since March 2021 CrowdStrike has been the official sponsor of the Formula One
safety car, the
Mercedes-AMG GT R.[64] In 2022, it was announced that Crowdstrike would become the title sponsor of the
24 Hours of Spa endurance race from
2023 onwards.[65]