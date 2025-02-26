Falcon platform unifies real-time prevention with advanced ITDR, securing the entire identity attack lifecycle—from initial access to lateral movement—across hybrid environments

AUSTIN, Texas--(BUSINESS WIRE)--CrowdStrike (NASDAQ: CRWD) today announced the general availability of CrowdStrike Falcon® Identity Protection for Microsoft Entra ID, setting a new standard in identity security by unifying prevention, detection and response to identity-based attacks across hybrid environments. With this release, CrowdStrike extends its inline prevention to cloud-based Microsoft Entra ID, expanding its comprehensive identity protection for leading cloud-based identity providers, on-premises Active Directory (AD) and SaaS applications. By unifying real-time prevention with advanced identity threat detection and response (ITDR), the CrowdStrike Falcon® platform is the only cybersecurity platform that secures the entire identity attack lifecycle—from initial access to lateral movement—across hybrid environments.

Seventy-five percent of attacks to gain initial access are now malware free, with adversaries exploiting trusted identities to infiltrate organizations undetected. Adversary groups like SCATTERED SPIDER and COZY BEAR compromise identity and cloud access points to move laterally across hybrid environments, while FAMOUS CHOLLIMA embeds malicious insiders at organizations to operate from within. Defending against these evolving threats requires organizations to stop external adversaries from gaining access, while rapidly detecting and eliminating threats that may already be inside. With inline prevention for Entra ID combined with advanced ITDR, CrowdStrike secures every part of modern hybrid environments—from prevention to detection to response.

“Identity is at the center of modern cyberattacks, yet organizations are forced to secure it with fragmented solutions that leave dangerous gaps,” said Elia Zaitsev, chief technology officer, CrowdStrike. “CrowdStrike delivers unified, real-time time protection across every area of hybrid environments—stopping adversaries at every stage of the attack. By extending protection to Entra ID, we’re once again raising the bar for identity security.”

As a unified component of the CrowdStrike Falcon® cybersecurity platform, Falcon Identity Protection stops sophisticated cross-domain and insider threats spanning identity, cloud and endpoint. CrowdStrike leverages advanced AI trained on trillions of security events, native device (endpoint) trust data, and industry-leading threat intelligence to analyze user behavior and privilege status, determining whether to grant, block or challenge initial access. Combined with advanced ITDR, it ensures continuous threat detection and rapid mitigation. With Falcon Identity Protection for Entra ID, CrowdStrike makes risk-based access decisions inline with Entra ID authentication flows, and extends protection throughout the identity attack lifecycle. Key features include:

Real-time protection for Entra ID: Customers gain AI-powered protection against adversaries leveraging password spraying, phishing and other identity threats to target Entra ID environments and move laterally.

Customers gain AI-powered protection against adversaries leveraging password spraying, phishing and other identity threats to target Entra ID environments and move laterally. Unified identity and endpoint security: By integrating with Microsoft’s External Authentication Method (EAM), Falcon Identity Protection leverages real-time CrowdStrike and Microsoft trust signals to secure access at login. With native endpoint visibility from the Falcon sensor, it enforces security based on both device and identity risk.

By integrating with Microsoft’s External Authentication Method (EAM), Falcon Identity Protection leverages real-time CrowdStrike and Microsoft trust signals to secure access at login. With native endpoint visibility from the Falcon sensor, it enforces security based on both device and identity risk. Hybrid risk-based conditional access: Falcon Identity Protection enforces access controls via a single interface, blocking or dynamically injecting MFA based on real-time threats across on-premises AD, cloud-based identity providers including Entra ID, Okta and Ping, and SaaS applications.

“As organizations like ours adopt hybrid environments to optimize cost and performance, security must evolve just as fast. A user’s identity is becoming much more involved, making it easier for adversaries to exploit and harder for security teams to protect," said Paul Colon, security engineer, information security at Addition Financial. "CrowdStrike continues to innovate Falcon Identity Protection, providing seamless, real-time security across both on-premises and cloud-based systems. By unifying identity protection into a single platform, CrowdStrike helps us stay ahead of emerging threats without introducing complexity.”

