CrowdStrike Unveils Falcon Privileged Access, Delivering the Only Platform that Unifies End-to-End Hybrid Identity Security

CrowdStrike announced the general availability of Falcon Privileged Access, a new module within Falcon Identity Protection. With unified privileged access controls, the AI-native CrowdStrike Falcon cybersecurity platform is the only platform that secures the entire identity attack lifecycle – from initial compromise to privilege escalation and lateral movement – across hybrid environments. 

The company also extended breakthrough automation capabilities for Charlotte AI Agentic Detection Triage and Falcon® Next-Gen SIEM to accelerate response to identity-based attacks. These innovations empower organizations to move beyond fragmented legacy tools and unify end-to-end identity security across on-premises Active Directory, cloud-based identity providers and SaaS applications with AI-powered platform protection.

“Identity is under relentless attack, and adversaries are going straight for the keys to the kingdom – privileged access,” said Michael Sentonas, president of CrowdStrike. “From social engineering to sophisticated insider abuse, they’re escalating privileges to access the most sensitive systems and data. With Falcon Privileged Access, we’re leveraging the power of the Falcon platform to eliminate standing privileges and make real-time, risk-aware access decisions. This latest innovation sets a new standard for end-to-end identity security, protecting customers against persistent identity-based threats.”

Seventy-nine percent of attacks to gain initial access are malware-free, as adversaries exploit trusted identities to infiltrate organizations undetected and move laterally to reach high-value targets. Groups like SCATTERED SPIDER use stolen credentials and social engineering, manipulating IT help desks to grant unauthorized access to targeted accounts. Others, like FAMOUS CHOLLIMA, embed malicious insiders equipped with company-issued laptops preloaded with remote access tools and registering their own MFA devices to escalate privileges. 

Stopping these threats requires live attack signals – like compromised credentials and risky device behavior – and the ability to assess risk and revoke access in real time. As a native part of the Falcon platform, Falcon Privileged Access uses real-time signals from endpoints/devices, industry-leading threat intelligence and advanced AI trained on trillions of security events to analyze user behavior and privilege status, and dynamically grant, block or revoke access. Paired with Falcon Identity Protection’s advanced capabilities for initial access prevention and identity threat detection and response (ITDR), CrowdStrike secures the entire identity attack lifecycle across hybrid environments. New features and benefits include:

To help customers strengthen their overall cybersecurity posture, CrowdStrike also unveiled CrowdStrike Pulse Services, an expert-led engagement program designed to reduce active risk and accelerate security program maturity. Specifically for identity-focused use cases, customers can leverage Pulse Services for cloud configuration assessments, identity policy reviews and identity threat protection optimization. These ongoing, outcome-focused and bite-sized sessions help teams uncover misconfigurations, enforce least privilege and fine-tune defenses to stop credential abuse.

Source: CrowdStrike media announcement