CrowdStrike Launches Project QuiltWorks to Strengthen Defense Against AI-Discovered Vulnerabilities
In a significant move to bolster cybersecurity, CrowdStrike has unveiled Project QuiltWorks, a collaborative initiative aimed at addressing the vulnerabilities in production code that are increasingly being identified by frontier AI models. This coalition brings together a diverse group of industry leaders, including Accenture, EY, IBM Cybersecurity Services, Kroll, and OpenAI, among others. The initiative seeks to provide organizations with the necessary tools and insights to answer a pressing question posed by their boards: “Are we exposed?”
Addressing the New Wave of Vulnerabilities
As organizations face an unprecedented surge in vulnerabilities identified by AI, CrowdStrike has also launched the Frontier AI Readiness and Resilience Service. This service is designed to offer continuous, expert-led engagements that directly assist customers in navigating the complexities of AI-discovered vulnerabilities. By leveraging the expertise of leading systems integrators and cutting-edge AI models from OpenAI and Anthropic, Project QuiltWorks aims to deliver comprehensive assessments, risk reporting at the board level, and guided remediation strategies.
George Kurtz, CEO and founder of CrowdStrike, emphasized the urgency of the situation, stating, “As frontier AI accelerates vulnerability discovery, every board in the world is asking their CISO the same question: are we exposed and are we protected? Project QuiltWorks is how the industry comes together to give every organization the answer their board needs.”
The Coalition’s Framework
Project QuiltWorks integrates CrowdStrike’s AI-driven vulnerability discovery capabilities with remediation insights from top systems integrators and AI laboratories. The CrowdStrike Falcon platform, which processes trillions of security events daily, utilizes real-world adversary intelligence and attack path analysis to prioritize vulnerabilities that are most likely to be exploited by adversaries. This intelligence is extended to the broader market through a partner network comprising over 10,000 certified professionals, facilitating remediation efforts at the code level within enterprises.
The Imperative for Immediate Action
The advent of frontier AI models has revealed a range of vulnerabilities, including logic bugs, design flaws, and misconfigurations, which often evade detection by traditional automated scanners and human reviews. This development has effectively closed the window of opportunity that defenders once had to patch vulnerabilities before they could be exploited. CrowdStrike’s Frontier AI Readiness and Resilience Service aims to provide continuous, expert-led engagements, with Project QuiltWorks scaling these responses across the industry.
The coalition is set to deliver essential technology and expertise that organizations need to comprehend and act upon their frontier AI risks. Key offerings include:
- Assessment: A thorough review of each organization’s current cybersecurity program, evaluating their existing capabilities and remediation potential.
- Model Deployment: AI-powered scanning of applications and codebases to identify exploitable vulnerabilities that may be overlooked by legacy tools and manual reviews.
- Risk Prioritization: Expert red teamers will rank findings based on exploitability, adversary activity, and business impact, moving beyond traditional CVSS scores.
- Remediation: Guided remediation processes that translate findings into actionable strategies, complete with board-level analysis to provide clear insights for leadership.
Industry Leaders Weigh In
Harpreet Sidhu, Global Lead of Accenture Cybersecurity, remarked on the initiative’s significance, stating, “While AI ushers in new ways of operating, CISOs must address the risks it introduces to the software development lifecycle. Through Project QuiltWorks, Accenture and CrowdStrike will deliver the operational muscle to remediate code-level issues and help clients build full-scale protection.”
David Cooper, EY Americas Cyber Commercial Leader, noted the urgency of the situation: “In the frontier AI era, innovation and risk are accelerating together, and most organizations aren’t ready to manage what that means. Project QuiltWorks is designed to help enterprises manage this new class of vulnerabilities at scale.”
Mark Hughes, Global Managing Partner of Cybersecurity Services at IBM Consulting, highlighted the evolving threat landscape, stating, “Frontier models are creating a new category of enterprise threats that are fast-moving, systemic, and increasingly autonomous. We’re actively working with clients to assess their security posture and strengthen their readiness to meet these new AI-driven vulnerabilities.”
Dave Burg, Global Head of Cyber and Data Resilience at Kroll, emphasized the importance of collaboration, saying, “We have a deep history of working with CrowdStrike to deliver the outcomes organizations need to adopt transformative technologies securely at scale. Over 90% of our clients have reported dealing with cyber incidents related to the use of AI, and our Offensive Security experts continue to see substantial growth in enterprise vulnerabilities for in-house AI-developed apps.”
Dane Stuckey, CISO of OpenAI, added, “AI is transforming cybersecurity, and defenders need advanced intelligence to keep pace. Through Trusted Access for Cyber, we’re putting stronger capabilities in trusted hands to accelerate vulnerability discovery and remediation, improve resilience, and help secure critical software across the ecosystem.”
Availability and Next Steps
CrowdStrike Project QuiltWorks and the AI vulnerability assessment are available immediately. Organizations interested in learning more can visit the official Project QuiltWorks page for additional information. The Frontier AI Readiness and Resilience Service is offered as a 12-month renewable subscription, purchasable through Falcon Flex dollars.
For further details, refer to the original reporting source: securitymea.com.
Keep reading for the latest cybersecurity developments, threat intelligence and breaking updates from across the Middle East.
