Over the past year, we’ve expanded and strengthened the digital operations capabilities that have long supported our global infrastructure, which include real-time telemetry, system health monitoring, and incident management processes driven by our engineering and reliability teams. Every day, our team is working on the next generation of resilience capabilities. We’re not just building a more resilient CrowdStrike; we’re working on approaches we believe will raise the bar for resilience across the cybersecurity industry.
We have continued our partnership with outside leading experts to provide regular code reviews, which now span our code, quality processes, and operational procedures. These reviews, combined with ongoing internal improvements, have helped us continue to optimize platform performance, maintainability, and reliability across a broad range of environments.
With the introduction of the Falcon Super Lab, we’ve enhanced our already rigorous quality control processes, testing thousands of OS, kernel, hardware, and third-party application combinations and interactions. Building on this foundation, we will also be delivering customer profile testing, a methodology that allows us to validate our products as they’re deployed in specific customer environments.
In addition, our multi-cloud, hybrid cloud infrastructure delivers elastic scaling capabilities, ensuring we can respond to any demand scenario. Today, we operate at exabyte scale, processing telemetry from millions of systems — including endpoints, devices, clouds, containers, and more — while maintaining the performance and reliability our customers depend on.
Our content quality dashboard provides real-time visibility into how releases are progressing across early access and general availability phases. Customers can see exactly when individual hosts last received updates and use Falcon Fusion SOAR workflows to automatically adjust deployment settings based on their operational needs.
3. Infrastructure and Operational Excellence
This commitment to resilience extends beyond our leadership structure. We’ve continued to strengthen our existing enterprise resilience practices, which encompass continuity planning not just for technology but for the people and processes that support our customers every day. Our multi-year approach has earned us ISO 22301 certification, the international standard for business continuity management systems, recognizing that our resilience program meets globally recognized standards.
The work continues, the commitment remains unwavering, and our customers can be confident that the platform protecting them today is stronger, more resilient, and more reliable than ever before.
We’ve also introduced content pinning, which gives customers the option to lock their systems to specific content versions and offers precise control over when and how updates are applied. This provides additional flexibility for customers with unique operational requirements or strict change management policies.
4. Quality and Testing Innovation
CrowdStrike’s Falcon platform is a cloud-native, AI-powered platform that protects customers through a combination of on-device prevention engines and real-time intelligence from the CrowdStrike Security Cloud. Our detection capabilities are continuously enhanced via configuration updates, not definition files, delivered with precision and validated for accuracy.
In addition, our collaboration with Microsoft continues to drive progress for our industry. We recently announced a collaboration to bring clarity on how adversaries are identified and tracked across vendors for the benefit of all cybersecurity teams. And we continue to collaborate toward greater platform resiliency through our active engagement in the Windows Endpoint Security Platform (WESP) initiative. This builds on CrowdStrike’s long history of aligning with Microsoft’s certification and testing procedures.
This work isn’t finished and never will be. Resilience isn’t a milestone — it’s a discipline that requires continuous commitment and evolution.
5. Operational Incident Management
In parallel, we’ve strengthened our enterprise resilience practices. Over the past year, we’ve increased the frequency and rigor of resilience exercises to ensure our teams, processes, and technology are prepared to operate under pressure and maintain continuity in a multitude of scenarios.
Our Ongoing Commitment
To further scale and unify these efforts, we’ve established a new, purpose-built Digital Operations Center. This dedicated facility brings together those distributed capabilities into a single command center, giving us deeper visibility and faster response across millions of sensors worldwide. This reflects our ongoing investment in operational excellence and is designed to meet or exceed the standards of the world’s leading technology operations centers.
To this end, we’re launching Project Ascent under our newly formed Chief Technology Innovation Officer (CTIO) organization, led by Alex Ionescu. In close collaboration with our engineering department, this project will explore how we can uniquely leverage emerging platform capabilities, including those outside of kernel space, alongside new features introduced through Microsoft’s WESP. While we continue working with Microsoft and adopt new capabilities as they mature, we’ll continue to advance our own path, ensuring we can deliver greater resiliency, maintainability, and agility without compromising the visibility our customers seek from CrowdStrike.
We didn’t just add a few content configuration options; we fundamentally rethought how customers could interact with and control enterprise security platforms, creating more granular controls and expanding the flexibility available to those who need it.
To ensure that resilience remains central to everything we do, we will soon be bringing on board a new executive: Chief Resilience Officer. Reporting directly to the CEO, this person will help shape how we build, operate, and lead across engineering, operations, and the business. After an exhaustive search, we will announce this hire soon. We expect more companies will make moves like this in the future to ensure that business resilience is owned at the highest levels.
Our customers have always had control over when and how their Falcon sensor versions are updated. But after July 19, we understood that customers wanted even more control over how and when security configuration updates are applied to their environments. What started as an immediate response to customer feedback has evolved into something more significant — a complete reimagining of the relationship between security vendors and their customers.
CrowdStrike made early architectural decisions to minimize kernel-invasive approaches wherever possible. And as Microsoft introduces new capabilities that allow for the development of security capabilities in user space that have parity with (or even surpass) kernel capabilities in efficacy, security, and performance, we will actively evaluate and adopt these features. But they cannot compromise security effectiveness.
To every customer, partner, and CrowdStriker — thank you for standing with us and standing for our mission: stopping breaches.
A year ago, we faced a moment that deeply impacted our customers and partners, one that pushed us to evolve how we think, build, and lead. Today, I’m confident we’ve emerged as a fundamentally stronger company with a platform and team that reflect the highest standards of resilience, built on the lessons of the past year and our commitment to continuous improvement.
Looking Forward
The reality is that kernel-level access remains critical for comprehensive cybersecurity. Today’s adversaries operate at the kernel level, exploiting the tens of thousands of legitimate drivers that run with kernel access. Security must meet the threat where it exists.
Beyond our internal improvements, we’ve made significant enhancements to how customers interact with and control our platform. Our new content control capabilities give customers greater flexibility in managing updates. Through host group policies, customers can set different deployment schedules for test systems, workstations, and mission-critical infrastructure.
We’ve strengthened how we manage technology incidents, building on a foundation of speed, discipline, and precision. Our sensor hardening initiatives proactively identify and prevent potential failures before they impact customers. Together, these enhancements help ensure our systems are better prepared for the unexpected and designed to operate under pressure, reinforcing our commitment to resilience at every level.
