.webp)
CrowdStrike announced new Falcon® Data Protection innovations
CrowdStrike Unveils Unified Data Protection to Secure Data Across Endpoints, Cloud, GenAI and SaaS New Falcon Data Protection innovations stop encrypted file exfiltration, GenAI data leaks and SaaS misconfigurations, closing critical gaps attackers exploit to steal sensitive data - Product Reviews
CrowdStrike announced new Falcon® Data Protection innovations, enabling security teams to protect sensitive data across endpoints, cloud environments and GenAI and SaaS applications to prevent exfiltration by insiders and identity-based attackers. With these innovations, the CrowdStrike Falcon® cybersecurity platform empowers teams to replace legacy DLP solutions that require separate tools for endpoint and cloud with real-time, unified protection from a single platform.
Data is Now a Primary Adversary Target
Adversaries are shifting from disruption to data theft, targeting misconfigurations and trusted identities to exfiltrate sensitive information and fuel downstream attacks. Groups like SCATTERED SPIDER compromise SSO accounts to harvest SharePoint and Outlook passwords, VPN instructions and internal documents to aid lateral movement and extortion. Others, like FAMOUS CHOLLIMA, gain insider access to company-issued endpoints and cloud environments, using remote access tools to steal intellectual property and customer data. As GenAI adoption accelerates, misconfigured applications and unsecured usage are creating new vectors for data exposure. CrowdStrike is closing the gaps adversaries exploit to steal data by protecting sensitive information across modern hybrid environments.
Transforming Data Protection Requires a Unified Platform
Falcon Data Protection eliminates the need for separate, piecemeal endpoint, cloud and SaaS security tools by providing comprehensive protection through a single platform. Key innovations include:
Runtime Cloud Data Protection
Falcon Data Protection for Cloud: Delivers runtime protection for cloud data at rest and in motion, leveraging eBPF to detect and block unauthorized data movements in real time, without slowing systems down. Provides a single view of data flows across on-premises and multi-cloud environments.
Falcon Data Protection for Endpoint – Encryption Detection: Revolutionary capability that inspects sensitive data within encrypted archives like 7zip files as they're created – identifying and automatically blocking data theft attempts before files are locked and exfiltrated.
Complete GenAI Data Security
Falcon Data Protection for Endpoint – GenAI Data Leak Prevention: Uses proprietary Similarity Detection DNA technology to recognize sensitive content even when modified or repackaged for GenAI tool upload. Enforces policies by content type, source or sensitivity label – preventing inadvertent exposure of sensitive information while blocking data leakage across both managed and unmanaged GenAI applications.
Comprehensive Coverage Expansion
Falcon Data Protection for Endpoint – macOS Expanded Protection: Extends unified data protection to macOS environments, delivering consistent visibility and enforcement across diverse endpoint fleets.
SaaS Threat Services: Provides expert-led hunting, assessment and response for SaaS security threats that could compromise sensitive data.
Falcon Privileged Access: Dynamically eliminates standing privileges to sensitive data, granting Just-in-Time elevated access only when needed and under secure conditions.
Identity-Based Threat Detection: Combines Falcon® Next-Gen SIEM and Falcon® Identity Protection to rapidly detect and neutralize identity-based threats targeting sensitive data.
CrowdStrike Pulse Services: Delivers ongoing, customized security guidance to strengthen data protection across on-premises and cloud environments.
