CrowdStrike FalconID Extends Risk-Aware Identity Security to Multi-Factor Authentication

CrowdStrike announced the general availability of FalconID, extending the Falcon platform with zero-friction, phishing-resistant MFA. Identity is the front line of modern attacks, and this release advances CrowdStrike’s Next-Gen Identity Security leadership with real-time, risk-aware protection against AI-accelerated phishing attacks and credential abuse at the point of authentication. With an intelligent security fabric spanning the identity lifecycle, CrowdStrike eliminates friction, increases productivity, and stops breaches.

“Traditional MFA is architecturally broken. Disconnected from real-time risk signals, it’s blind to emerging threats, susceptible to MFA bypass attacks, and creates unnecessary friction,” said Elia Zaitsev, chief technology officer at CrowdStrike. “FalconID accelerates CrowdStrike’s identity security transformation, moving organizations beyond isolated, static access controls to continuous, risk-aware protection that stops breaches without slowing the business.”

As adversaries weaponize AI, the risk, scale, and impact of social engineering and credential abuse increase dramatically. Highly convincing campaigns can be launched by nearly anyone, with attackers routinely bypassing traditional MFA through AI-enhanced phishing, MFA fatigue, and session hijacking. At the same time, friction-heavy MFA slows users to the point organizations often disable it entirely. The future of secure access requires protection that’s informed by real-time risk, adapts as conditions change, and doesn’t slow productivity.

Traditional IAM and PAM were designed to manage access, not stop breaches. Even with MFA, they function as isolated, point-in-time controls – adding friction while lacking the real-time security context to stop AI-accelerated phishing attacks. FalconID reimagines authentication as a seamless, risk-informed experience built directly into the Falcon sensor and delivered through the Falcon for Mobile app. Using real-time Falcon platform risk signals, it determines when access is safe and when it’s not, without forcing users through unnecessary steps. FalconID eliminates friction without compromising security, transforming identity and access management at the speed of AI.

Falcon® Next-Gen Identity Security already secures the full hybrid identity lifecycle across human, non-human, and AI agent identities – spanning initial access, privileged access, identity threat detection and response (ITDR), and SaaS identity security. With the acquisitions of SGNL and Seraphic, CrowdStrike eliminates standing privileges and continuously secures interactions from the endpoint, through browser sessions, and into the cloud – starting at the point of authentication with FalconID.

Key features and benefits include: