CrowdStrike Unveils Unified Data Protection to Secure Data Across Endpoints, Cloud, GenAI and SaaS
New Falcon Data Protection innovations stop encrypted file exfiltration, GenAI data leaks and SaaS misconfigurations, closing critical gaps attackers exploit to steal sensitive data
Data is Now a Primary Adversary Target
Adversaries are shifting from disruption to data theft, targeting misconfigurations and trusted identities to exfiltrate sensitive information and fuel downstream attacks. Groups like SCATTERED SPIDER compromise SSO accounts to harvest SharePoint and Outlook passwords, VPN instructions and internal documents to aid lateral movement and extortion. Others, like FAMOUS CHOLLIMA, gain insider access to company-issued endpoints and cloud environments, using remote access tools to steal intellectual property and customer data. As GenAI adoption accelerates, misconfigured applications and unsecured usage are creating new vectors for data exposure. CrowdStrike is closing the gaps adversaries exploit to steal data by protecting sensitive information across modern hybrid environments.
“In today's threat landscape, your data isn't just an asset – it's the primary target,” said Elia Zaitsev, chief technology officer, CrowdStrike. “Legacy data protection approaches fail because they're fragmented across environments, blind to encrypted exfiltration and incapable of stopping threats in real time. Today, businesses must also contend with employees inadvertently leaking sensitive data to unapproved or misused GenAI tools, adding new layers of risk. With Falcon Data Protection, we are the next chapter of data protection: unified visibility and control across your entire data ecosystem with the real-time protection needed to stop data theft before it happens.”
Transforming Data Protection Requires a Unified Platform
Falcon Data Protection eliminates the need for separate, piecemeal endpoint, cloud and SaaS security tools by providing comprehensive protection through a single platform. Key innovations include:
Runtime Cloud Data Protection
- Falcon Data Protection for Cloud: Delivers runtime protection for cloud data at rest and in motion, leveraging eBPF to detect and block unauthorized data movements in real time, without slowing systems down. Provides a single view of data flows across on-premises and multi-cloud environments.
Industry-First Encrypted Exfiltration Prevention
- Falcon Data Protection for Endpoint – Encryption Detection: Revolutionary capability that inspects sensitive data within encrypted archives like 7zip files as they're created – identifying and automatically blocking data theft attempts before files are locked and exfiltrated.
Complete GenAI Data Security
- Falcon Data Protection for Endpoint – GenAI Data Leak Prevention: Uses proprietary Similarity Detection DNA technology to recognize sensitive content even when modified or repackaged for GenAI tool upload. Enforces policies by content type, source or sensitivity label – preventing inadvertent exposure of sensitive information while blocking data leakage across both managed and unmanaged GenAI applications.
Comprehensive Coverage Expansion
- Falcon Data Protection for Endpoint – macOS Expanded Protection: Extends unified data protection to macOS environments, delivering consistent visibility and enforcement across diverse endpoint fleets.
- SaaS Threat Services: Provides expert-led hunting, assessment and response for SaaS security threats that could compromise sensitive data.
- Falcon Privileged Access: Dynamically eliminates standing privileges to sensitive data, granting Just-in-Time elevated access only when needed and under secure conditions.
- Identity-Based Threat Detection: Combines Falcon® Next-Gen SIEM and Falcon® Identity Protection to rapidly detect and neutralize identity-based threats targeting sensitive data.
- CrowdStrike Pulse Services: Delivers ongoing, customized security guidance to strengthen data protection across on-premises and cloud environments.
To learn more about CrowdStrike’s latest data protection innovations:
- Visit booth N-6144 at RSA
- Read our blog
About CrowdStrike
CrowdStrike (NASDAQ: CRWD), a global cybersecurity leader, has redefined modern security with the world’s most advanced cloud-native platform for protecting critical areas of enterprise risk – endpoints and cloud workloads, identity and data.
Powered by the CrowdStrike Security Cloud and world-class AI, the CrowdStrike Falcon® platform leverages real-time indicators of attack, threat intelligence, evolving adversary tradecraft and enriched telemetry from across the enterprise to deliver hyper-accurate detections, automated protection and remediation, elite threat hunting and prioritized observability of vulnerabilities.
Purpose-built in the cloud with a single lightweight-agent architecture, the Falcon platform delivers rapid and scalable deployment, superior protection and performance, reduced complexity and immediate time-to-value.
CrowdStrike: We stop breaches.
Learn more: https://www.crowdstrike.com/
Follow us: Blog | X | LinkedIn | Facebook | Instagram
Start a free trial today: https://www.crowdstrike.com/free-trial-guide/
© 2025 CrowdStrike, Inc. All rights reserved. CrowdStrike and CrowdStrike Falcon are marks owned by CrowdStrike, Inc. and are registered in
View source version on businesswire.com: https://www.businesswire.com/news/home/20250428840407/en/
Media Contact
Jake Schuster
CrowdStrike Corporate Communications
press@crowdstrike.com
Source: CrowdStrike
