June 3 – Microsoft (MSFT, Financial) and CrowdStrike (CRWD, Financial) have teamed up to streamline how cyber threat actors are identified and tracked across different security platforms.
The partnership introduces a unified mapping system that links adversary identifiers used by each company. By harmonizing aliases and attribution methods, the collaboration aims to reduce confusion from inconsistent naming and speed up defenders' response to sophisticated attacks.
Instead of forcing a single naming convention, the shared framework lets analysts cross-reference threat data. The companies say this reduces ambiguity and helps security teams make quicker, more confident decisions.
“Adversaries hide behind both technology and the confusion created by inconsistent naming. As defenders, it's our job to stay ahead and to give security teams clarity on who is targeting them and how to respond,” said Adam Meyers, head of Counter Adversary Operations at CrowdStrike.
Initial efforts have already resolved naming overlaps for over eighty known actors, including confirming that Microsoft's Volt Typhoon and CrowdStrike's Vanguard Panda both point to Chinese state–sponsored groups. The teams also matched Secret Blizzard and Venomous Bear as the same Russian–linked threat actor.
