Supatman/iStock via Getty Images
Microsoft (NASDAQ:MSFT) and CrowdStrike (NASDAQ:CRWD) are collaborating to bring coordination to how cyber threat actors are identified and tracked across security vendors.
The companies said that by mapping threat actor aliases and aligning adversary attribution across platforms, the collaboration minimizes confusion caused by different naming systems and accelerates cyber defenders’ response against sophisticated adversaries.
The two companies have developed a shared mapping system for cyber threat intelligence that links adversary identifiers across vendor ecosystems without mandating a single naming standard.
By reducing ambiguity in how adversaries are labeled, the mapping enables defenders to make faster and confident decisions, according to the companies.
“Adversaries hide behind both technology and the confusion created by inconsistent naming. As defenders, it’s our job to stay ahead and to give security teams clarity on who is targeting them and how to respond,” said Adam Meyers, head of Counter Adversary Operations at CrowdStrike.
The companies added that the partnership will start with a shared analyst-led effort to harmonize adversary naming between CrowdStrike and Microsoft’s threat research teams.
The companies said that they have already deconflicted over 80 adversaries, including validating threat actors like Microsoft’s Volt Typhoon and CrowdStrike’s Vanguard Panda are Chinese state-sponsored threat actors, and that Secret Blizzard and Venomous Bear refer to the same Russia-nexus adversary.
More on Microsoft and CrowdStrike
- Wall Street Brunch: Has Tariff Uncertainty Hit The Labor Market?
- I’m Buying CrowdStrike Before Earnings As The Market Is Underestimating The Growth Story (Upgrade)
- Microsoft: More Resilient To Trade Wars Than Peers
- CrowdStrike Q1 2026 Earnings Preview: Analysts eye resilient demand
- Microsoft to invest $400M in Switzerland as it deepens AI, cloud pushes