CrowdStrike and Microsoft announce collaboration to bring clarity and coordination to how cyber threat actors are identified and tracked across security vendors. By mapping threat actor aliases and aligning adversary attribution across platforms, the collaboration minimizes confusion caused by different naming systems and accelerates cyber defenders’ response against todays and tomorrow’s most sophisticated adversaries.

The cybersecurity sector has created various naming conventions for threat actors, each based on different viewpoints, intelligence sources, and levels of analysis. These classification systems offer essential context about adversaries to aid organizations in comprehending the threats they face, identifying who is targeting them, and understanding the underlying motivations.

However, as the threat landscape evolves, the complexity surrounding attribution among different vendors also increases.

Through enhanced collaboration, CrowdStrike and Microsoft have established a collaborative mapping system—a 'Rosetta Stone' for cyber threat intelligence—that connects adversary identifiers across various vendor ecosystems without enforcing a singular naming convention.

By clarifying how adversaries are identified, this mapping allows defenders to make swifter, more assured decisions, align threat intelligence from different sources, and more effectively counteract threat actor activities before any damage occurs.

By simplifying the process of linking naming conventions such as COZY BEAR and Midnight Blizzard, the mapping facilitates quicker decision-making and a more cohesive response to threats across various taxonomies.

Adam Meyers, Head of Counter Adversary Operations at CrowdStrike says, “This is a watershed moment for cybersecurity. Adversaries hide behind both technology and the confusion created by inconsistent naming. As defenders, it’s our job to stay ahead and to give security teams clarity on who is targeting them and how to respond. This has been CrowdStrike’s mission from day one. CrowdStrike is the leader in adversary intelligence, and Microsoft brings one of the most valuable data sources on adversary behavior. Together, we’re combining strengths to deliver clarity, speed, and confidence to defenders everywhere.”

Also Read: Gemini Ultra, Veo 3, Stitch and More Highlights from Google I/O 2025

Vasu Jakkal, Corporate Vice President, Microsoft Security says, “Cybersecurity is a defining challenge of our time, especially in today’s AI-driven era. Microsoft and CrowdStrike are in ideal positions to help our customers, and the wider defender community accelerates the benefits of actionable threat intelligence. Security is a team sport and when defenders can share and react to information faster it makes a difference in how we protect the world.”