CrowdStrike enhances identity security for hybrid clouds

Today

CrowdStrike has announced that its Falcon Cloud Security for Microsoft Entra ID is now generally available, providing enhanced security measures for government entities working in GovCloud environments.

The Falcon platform is designed to unify real-time prevention with advanced Identity Threat Detection and Response (ITDR), targeting identity-based attacks across hybrid cloud environments. This expansion now includes protection for Microsoft Entra ID, broadening its existing services for cloud-based identity providers, on-premises Active Directory (AD), and SaaS applications.

A significant portion of cyberattacks, approximately seventy-five percent, now utilise methods that bypass malware, exploiting trusted identities to breach organisational perimeters undetected. High-profile adversary groups such as SCATTERED SPIDER and COZY BEAR have been known to exploit identity and cloud access points for lateral movement within hybrid settings, while the group FAMOUS CHOLLIMA employs insiders to operate undetectably within organisations.

Elia Zaitsev, Chief Technology Officer at CrowdStrike, commented on the necessity of this security expansion: "Identity is at the center of modern cyberattacks, yet organizations are forced to secure it with fragmented solutions that leave dangerous gaps. CrowdStrike delivers unified, real-time protection across every area of hybrid environments—stopping adversaries at every stage of the attack. By extending protection to Entra ID, we're once again raising the bar for identity security."

Falcon Identity Protection integrates with the CrowdStrike Falcon cybersecurity platform to prevent sophisticated cross-domain and insider threats, covering identity, cloud, and endpoint security. Advanced AI technology analyses user behaviour and privileges to make risk-based access decisions, ensuring rapid threat detection and mitigation. The platform is configured to make inline risk-based access decisions during Entra ID authentication flows, securing the entire identity attack lifecycle.

Key features of Falcon Identity Protection include AI-driven real-time protection against threats such as password spraying and phishing, and integration with Microsoft's External Authentication Method (EAM) to bolster security during login attempts. It also supports hybrid risk-based conditional access by enforcing controls through a unified interface across on-premises AD, cloud-based identity providers like Entra ID, Okta, Ping, and various SaaS applications.

Paul Colon, Security Engineer for Information Security at Addition Financial, provided a user perspective on this development: "As organizations like ours adopt hybrid environments to optimize cost and performance, security must evolve just as fast. A user's identity is becoming much more involved, making it easier for adversaries to exploit and harder for security teams to protect. CrowdStrike continues to innovate Falcon Identity Protection, providing seamless, real-time security across both on-premises and cloud-based systems. By unifying identity protection into a single platform, CrowdStrike helps us stay ahead of emerging threats without introducing complexity."

Share on: