Falcon platform unifies real-time prevention with advanced ITDR, securing the entire identity attack lifecycle across hybrid environments
CrowdStrike today announced the general availability of CrowdStrike Falcon Identity Protection for Microsoft Entra ID, setting a new benchmark in identity security by seamlessly integrating prevention, detection, and response to combat identity-based cyber threats in hybrid environments. This expansion extends CrowdStrike’s inline prevention capabilities to cloud-based Microsoft Entra ID, reinforcing its comprehensive identity protection across leading cloud identity providers, on-premises Active Directory (AD), and SaaS applications.
With 75% of initial access attacks now being malware-free, adversaries such as SCATTERED SPIDER and COZY BEAR increasingly exploit identity and cloud access points to infiltrate organizations undetected. The CrowdStrike Falcon® platform uniquely secures the entire identity attack lifecycle—from initial access to lateral movement—helping organizations stop breaches before they happen.
“Identity is at the center of modern cyberattacks, yet organizations are forced to secure it with fragmented solutions that leave dangerous gaps,” said Elia Zaitsev, Chief Technology Officer, CrowdStrike. “CrowdStrike delivers unified, real-time protection across hybrid environments—stopping adversaries at every stage of an attack. By extending protection to Entra ID, we’re once again raising the bar for identity security.”
Key Features of Falcon Identity Protection for Entra ID
- Real-time protection for Entra ID: AI-powered security blocks adversaries using password spraying, phishing, and identity-based attacks to compromise Entra ID environments.
- Unified identity and endpoint security: Integration with Microsoft’s External Authentication Method (EAM) enhances login security using real-time CrowdStrike and Microsoft trust signals, ensuring access decisions are based on both device and identity risk.
- Hybrid risk-based conditional access: A single interface enforces dynamic access controls, blocking or injecting MFA based on real-time threats across on-premises AD, cloud identity providers (Entra ID, Okta, Ping), and SaaS applications.
Customer Impact
Organizations operating hybrid environments face evolving identity threats that require seamless, real-time security.
“As organizations like ours adopt hybrid environments to optimize cost and performance, security must evolve just as fast. A user’s identity is becoming much more involved, making it easier for adversaries to exploit and harder for security teams to protect,” said Paul Colon, Security Engineer, Information Security at Addition Financial. “CrowdStrike continues to innovate Falcon Identity Protection, providing seamless security across both on-premises and cloud-based systems. By unifying identity protection into a single platform, CrowdStrike helps us stay ahead of emerging threats without introducing complexity.”