IT Brief US - Technology news for CIOs & IT decision-makers
CrowdStrike launches Falcon Privileged Access to block threats

Today

CrowdStrike has announced the general availability of Falcon Privileged Access, a new module designed to bolster identity security within the Falcon Identity Protection solution.

The latest addition to CrowdStrike's AI-native cybersecurity platform offers unified privileged access controls and claims to secure the entire identity attack lifecycle, spanning from initial compromise to privilege escalation and lateral movement across hybrid IT environments.

CrowdStrike disclosed that the company has also extended its automation capabilities for Charlotte AI Agentic Detection Triage and Falcon Next-Gen SIEM, which are aimed at enhancing detection and response efficiency for identity-based attacks.

These combined solutions allow organisations to move away from fragmented legacy systems and unify end-to-end identity security across on-premises Active Directory implementations, cloud-based identity providers, and SaaS applications.

Michael Sentonas, President of CrowdStrike, commented on the ongoing nature of identity-based threats, stating: "Identity is under relentless attack, and adversaries are going straight for the keys to the kingdom – privileged access. From social engineering to sophisticated insider abuse, they're escalating privileges to access the most sensitive systems and data. With Falcon Privileged Access, we're leveraging the power of the Falcon platform to eliminate standing privileges and make real-time, risk-aware access decisions.

This latest innovation sets a new standard for end-to-end identity security, securing customers against persistent identity-based threats."

CrowdStrike cited statistics showing that 79 percent of attacks intended to gain initial system access are malware-free, with adversaries often exploiting trusted identities to infiltrate organisations without detection and to move laterally to sensitive resources.

Examples referenced by CrowdStrike include attack groups such as SCATTERED SPIDER, which use stolen credentials and manipulate IT help desks to gain unauthorised access, and FAMOUS CHOLLIMA, which allegedly uses insiders provided with company-issued devices and registered multi-factor authentication methods to escalate privileges.

The company described Falcon Privileged Access as a solution that employs real-time signals from endpoints and devices, leveraging threat intelligence and AI trained on billions of security events to analyse user behaviour and privilege status.

The system can dynamically grant, block, or revoke access as risk conditions change.

In terms of practical features, Falcon Privileged Access offers just-in-time privileged access, which aims to remove standing privileges by providing temporary, dynamic permissions based on real-time, risk-aware evaluations. Access is granted only when needed and may be revoked if the user's or device's risk profile changes.

The just-in-time function complements broader Privileged Access Management (PAM) capabilities, such as password vaulting and session recording, with dynamic policy enforcement and visibility.

On the detection side, the updated platform introduces Agentic Detection Triage for identity-based attacks, which utilises Charlotte AI to autonomously triage cross-domain attack detections.

According to CrowdStrike, this system prioritises critical threats with over 98 percent accuracy for accelerated incident response.

Further, the integration of Falcon Identity Protection and Falcon Next-Gen SIEM is designed to provide real-time detection and automated response to identity-based threats. The Falcon Fusion SOAR component enables automated actions, such as disabling compromised accounts and enforcing multifactor authentication, to contain incidents at machine speed.

CrowdStrike has also announced Pulse Services, a consulting programme intended to help customers improve their cybersecurity posture. For identity-related use cases, Pulse Services focuses on cloud configuration assessments, identity policy reviews, and enhancements to identity threat protection.

These sessions are aimed at helping organisations uncover potential misconfigurations, enforce least privilege practices, and fine-tune defences against credential abuse.
