SailPoint has announced new integrations with the CrowdStrike Falcon platform to connect identity governance with endpoint security. The integrations enable shared data and automated workflows between identity and security systems to help organisations respond faster to identity-based threats.
The integrations connect SailPoint’s Identity Security Cloud with multiple Falcon platform components, including Falcon Next-Gen Identity Security, Falcon Next-Gen SIEM, and Falcon Fusion SOAR, now part of CrowdStrike Charlotte AI.
The technical integration allows organisations to apply CrowdStrike identity risk insights from Falcon Next-Gen Identity Security within SailPoint to inform dynamic, risk-based access decisions. It also enables SailPoint identity data to be ingested into Falcon Next-Gen SIEM to correlate identity events and access patterns with real-time threat activity. Additionally, Falcon Fusion SOAR can trigger SailPoint remediation actions, such as disabling accounts or revoking access, to help security teams respond faster to threats.
Broader identity security trends
Vendors across the market are consolidating IAM tools into single dashboards. It’s a reasonable move given the rise of identity-based attacks over the past few years. Identity threat detection and response (ITDR) has emerged as particularly critical. IDC research shows that 45.1 percent of organisations are prioritising insider threat detection, while 56.9 percent are investing in identity management for roles and authorisations. The integration between SailPoint and CrowdStrike addresses this by embedding ITDR capabilities directly into the workflow.
Previous collaboration with Cisco
This isn’t the first time SailPoint and CrowdStrike have worked together within a broader security ecosystem. Earlier this year, both companies integrated with Cisco’s Identity Intelligence to enable rapid threat detection through data sharing. That integration supported AI-driven behavioural analysis and threat detection within the Cisco Security Cloud.
Executive perspectives
“Adding identity context to Security Operations Center workflows helps security teams understand not only what is happening, but who is involved and what access may be affected,” said Chandra Gnanasambandam, EVP of Product and CTO at SailPoint. “Through integrations with the CrowdStrike Falcon platform, SailPoint customers can connect identity and threat data to support faster, more informed security decisions.”
Chris Stewart, vice president of technology and cloud ecosystem alliances at CrowdStrike, emphasised the value of interoperability: “Our customers value choice and interoperability. These integrations make it easy to connect SailPoint with the Falcon platform, bringing identity context into threat detection and response workflows so security teams can act with greater speed and confidence.”
Accenture Cybersecurity CTO Rex Thexton noted that securing identities of people, devices and AI agents is a complex challenge. “By bringing digital identity and threat intelligence together, we can help our clients unify their defences and accelerate their responses to emerging threats. Together with CrowdStrike and SailPoint, we can deliver a solution that enhances security and drives business resilience.”