CrowdStrike has expanded Project QuiltWorks, its cybersecurity coalition for securing frontier AI, and launched Falcon OverWatch for Defender, a managed threat hunting service for Microsoft Defender environments.

Eight new partners join Project QuiltWorks

Project QuiltWorks has added Armadin, Cognizant, HCLTech, Infosys, KPMG, NTT DATA, Tata Consultancy Services, and Wipro to its roster. The coalition, which runs on the CrowdStrike Falcon platform, now spans more than 10,000 certified professionals helping enterprises discover, prioritise, and continuously remediate AI-related vulnerabilities.

Early results illustrate the scale of undetected exposure: an EY Fortune 100 customer identified nearly 45 million previously unknown vulnerabilities within hours of deploying QuiltWorks tooling. Accenture has built 27 mission-ready agentic security tools on the Falcon platform through the programme, automating vulnerability assessment and reporting for thousands of clients.

QuiltWorks proved that frontier AI can find what traditional tools miss, and partners saw the results. Now, more of the industry is joining the coalition to deliver AI-powered discovery, adversary-informed prioritization, and remediation at enterprise scale. – Daniel Bernard, Chief Business Officer, CrowdStrike

The coalition is powered by frontier models from OpenAI and Anthropic, with CrowdStrike integrating Anthropic’s Opus 4.7 across the Falcon platform as part of the expansion.

Falcon OverWatch for Defender closes the detection gap

CrowdStrike’s Falcon OverWatch for Defender extends expert-led managed threat hunting to organisations running Microsoft Defender. The service supplements Defender’s automated detections with continuous, intelligence-driven hunting by human analysts, targeting the stealthy techniques that automated tools routinely miss.

CrowdStrike’s 2026 Global Threat Report found that 82% of detections in 2025 were malware-free, as adversaries increasingly use legitimate tools and trusted identities to evade endpoint protection. With adversary breakout times recorded as fast as 27 seconds, the company argues that alert-driven models cannot keep pace alone.

Falcon OverWatch tracks more than 280 nation-state, eCrime, and hacktivist groups and analyses up to 6.2 trillion events per day. Existing OverWatch deployments have delivered up to a 500x reduction in alert volume, with 98% true positive rates and up to 95% lower threat hunting staffing costs.

Today’s attacks are stealthy, fast-moving, and designed to evade detection, making expert-led threat hunting essential. OverWatch for Defender extends proven threat hunting to Microsoft environments, delivering the security outcome customers need most: stopping the breach. – Adam Meyers, Head of Counter Adversary Operations, CrowdStrike