CrowdStrike launches Falcon AIDR to secure the new AI attack surface

'Prompts Are the New Malware': Platform Protects Against Prompt Injection and Data Leakage at the Interaction Layer

CrowdStrike has announced the general availability of Falcon AI Detection and Response (AIDR), a new module that extends its unified Falcon platform to address the growing security risk associated with enterprise Artificial Intelligence (AI) usage. The company positions AIDR as the industry’s first unified solution to secure the AI prompt and agent interaction layer, which it deems the fastest-growing attack surface in the AI era.

The launch is a direct response to the widespread adoption of Generative AI (GenAI) tools, which has created new vulnerabilities through methods like prompt injection and jailbreaking.

Securing the AI interaction layer

CrowdStrike’s strategy with AIDR is to apply the same architectural advantages it pioneered with Endpoint Detection and Response (EDR) to AI security. The new product secures the point where users and AI agents interact with models, reason, and take action.

Prompt injection blocking: Falcon AIDR is engineered to stop attacks where adversaries inject hidden instructions into GenAI tools to manipulate outcomes or steal data. It blocks prompt injection, jailbreaks, and unsafe content in real-time, leveraging intelligence from research into over 180 known prompt injection techniques.

• Data leakage prevention: The platform automatically detects and blocks sensitive information such as credentials, regulated data, and other confidential secrets, before it can reach AI models or be exfiltrated through external AI systems.

• Unified visibility and governance: AIDR provides security teams with unified visibility into how employees are using AI tools (often referred to as 'shadow AI') and how AI agents are operating. This allows for real-time policy enforcement to stop risky interactions and contain malicious agent behavior.

• Single platform advantage: By integrating AIDR into the Falcon platform, CrowdStrike delivers an end-to-end security model for AI that covers data, models, agents, identities, infrastructure, and interactions, removing the need for separate, fragmented point solutions.

The new security paradigm

"Prompt injection is a frontier security problem," said Michael Sentonas, President of CrowdStrike. "Adversaries are injecting hidden instructions into GenAI tools to weaponize the very systems transforming how work gets done. Falcon AIDR secures every prompt, response, and agent action in real time."

The company's focus on the interaction layer reflects the growing consensus in cybersecurity that "prompts are the new malware," requiring continuous, real-time protection to safeguard against the manipulation of AI systems.