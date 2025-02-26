(RTTNews) - CrowdStrike Holdings, Inc. (CRWD), Wednesday announced the general availability of CrowdStrike Falcon Identity Protection for Microsoft Entra ID, unifying prevention, detection, and response against identity-based attacks in hybrid environments.

This release extends inline prevention to cloud-based Microsoft Entra ID, enhancing protection for cloud identity providers, on-premises Active Directory (AD), and SaaS applications.

By integrating real-time prevention with advanced identity threat detection and response (ITDR), Falcon becomes the only cybersecurity platform securing the entire identity attack lifecycle—from initial access to lateral movement across hybrid environments.

Modern Identity Threats Demand Advanced Protection

With 75% of initial access attacks now malware-free, adversaries exploit trusted identities to infiltrate organizations undetected. Groups like SCATTERED SPIDER and COZY BEAR target identity and cloud access points for lateral movement, while FAMOUS CHOLLIMA embeds insiders to operate from within.

To counter these threats, organizations must prevent external access while detecting and eliminating internal threats. By combining inline prevention for Entra ID with advanced ITDR, CrowdStrike Falcon® Identity Protection secures every stage of hybrid environments—from prevention to detection to response.

As a unified component of the CrowdStrike Falcon platform, Falcon Identity Protection defends against cross-domain and insider threats across identity, cloud, and endpoint. Powered by AI trained on trillions of security events, it analyzes user behavior and privilege status to grant, block, or challenge access in real time.

With advanced ITDR, it delivers continuous threat detection and rapid mitigation. By integrating risk-based access decisions directly into Entra ID authentication flows, CrowdStrike extends security throughout the entire identity attack lifecycle.

Key features include:

Real-time protection for Entra ID: Customers gain AI-powered protection against adversaries leveraging password spraying, phishing and other identity threats to target Entra ID environments and move laterally.

Unified identity and endpoint security: By integrating with Microsoft's External Authentication Method (EAM), Falcon Identity Protection leverages real-time CrowdStrike and Microsoft trust signals to secure access at login. With native endpoint visibility from the Falcon sensor, it enforces security based on both device and identity risk.

Hybrid risk-based conditional access: Falcon Identity Protection enforces access controls via a single interface, blocking or dynamically injecting MFA based on real-time threats across on-premises AD, cloud-based identity providers including Entra ID, Okta and Ping, and SaaS applications.

