CrowdStrike Expands Leadership in Hybrid Identity Protection with Falcon Identity Protection for Microsoft Entra ID

AUSTIN, Texas--(BUSINESS WIRE)--CrowdStrike (NASDAQ: CRWD) today announced the general availability of CrowdStrike Falcon® Identity Protection for Microsoft Entra ID, setting a new standard in identity security by unifying prevention, detection and response to identity-based attacks across hybrid environments. With this release, CrowdStrike extends its inline prevention to cloud-based Microsoft Entra ID, expanding its comprehensive identity protection for leading cloud-based identity providers, on-premises Active Directory (AD) and SaaS applications. By unifying real-time prevention with advanced identity threat detection and response (ITDR), the CrowdStrike Falcon® platform is the only cybersecurity platform that secures the entire identity attack lifecycle—from initial access to lateral movement—across hybrid environments.

Seventy-five percent of attacks to gain initial access are now malware free, with adversaries exploiting trusted identities to infiltrate organizations undetected. Adversary groups like SCATTERED SPIDER and COZY BEAR compromise identity and cloud access points to move laterally across hybrid environments, while FAMOUS CHOLLIMA embeds malicious insiders at organizations to operate from within. Defending against these evolving threats requires organizations to stop external adversaries from gaining access, while rapidly detecting and eliminating threats that may already be inside. With inline prevention for Entra ID combined with advanced ITDR, CrowdStrike secures every part of modern hybrid environments—from prevention to detection to response.

“Identity is at the center of modern cyberattacks, yet organizations are forced to secure it with fragmented solutions that leave dangerous gaps,” said Elia Zaitsev, chief technology officer, CrowdStrike. “CrowdStrike delivers unified, real-time time protection across every area of hybrid environments—stopping adversaries at every stage of the attack. By extending protection to Entra ID, we’re once again raising the bar for identity security.”

As a unified component of the CrowdStrike Falcon® cybersecurity platform, Falcon Identity Protection stops sophisticated cross-domain and insider threats spanning identity, cloud and endpoint. CrowdStrike leverages advanced AI trained on trillions of security events, native device (endpoint) trust data, and industry-leading threat intelligence to analyze user behavior and privilege status, determining whether to grant, block or challenge initial access. Combined with advanced ITDR, it ensures continuous threat detection and rapid mitigation. With Falcon Identity Protection for Entra ID, CrowdStrike makes risk-based access decisions inline with Entra ID authentication flows, and extends protection throughout the identity attack lifecycle. Key features include:

• Real-time protection for Entra ID: Customers gain AI-powered protection against adversaries leveraging password spraying, phishing and other identity threats to target Entra ID environments and move laterally.
• Unified identity and endpoint security: By integrating with Microsoft’s External Authentication Method (EAM), Falcon Identity Protection leverages real-time CrowdStrike and Microsoft trust signals to secure access at login. With native endpoint visibility from the Falcon sensor, it enforces security based on both device and identity risk.
• Hybrid risk-based conditional access: Falcon Identity Protection enforces access controls via a single interface, blocking or dynamically injecting MFA based on real-time threats across on-premises AD, cloud-based identity providers including Entra ID, Okta and Ping, and SaaS applications.

“As organizations like ours adopt hybrid environments to optimize cost and performance, security must evolve just as fast. A user’s identity is becoming much more involved, making it easier for adversaries to exploit and harder for security teams to protect," said Paul Colon, security engineer, information security at Addition Financial. "CrowdStrike continues to innovate Falcon Identity Protection, providing seamless, real-time security across both on-premises and cloud-based systems. By unifying identity protection into a single platform, CrowdStrike helps us stay ahead of emerging threats without introducing complexity.”

To learn more about Falcon Identity Protection for Microsoft Entra ID, read our blog.

About CrowdStrike

CrowdStrike (NASDAQ: CRWD), a global cybersecurity leader, has redefined modern security with the world’s most advanced cloud-native platform for protecting critical areas of enterprise risk – endpoints and cloud workloads, identity and data.

Powered by the CrowdStrike Security Cloud and world-class AI, the CrowdStrike Falcon® platform leverages real-time indicators of attack, threat intelligence, evolving adversary tradecraft and enriched telemetry from across the enterprise to deliver hyper-accurate detections, automated protection and remediation, elite threat hunting and prioritized observability of vulnerabilities.

Purpose-built in the cloud with a single lightweight-agent architecture, the Falcon platform delivers rapid and scalable deployment, superior protection and performance, reduced complexity and immediate time-to-value.

CrowdStrike: We stop breaches.

Learn more: https://www.crowdstrike.com/
Follow us: Blog | X | LinkedIn | Facebook | Instagram
Start a free trial today: https://www.crowdstrike.com/free-trial-guide/

© 2025 CrowdStrike, Inc. All rights reserved. CrowdStrike and CrowdStrike Falcon are marks owned by CrowdStrike, Inc. and are registered in the United States and other countries. CrowdStrike owns other trademarks and service marks and may use the brands of third parties to identify their products and services.