CrowdStrike Expands Falcon Platform to Make Endpoint the Core of AI Security

CrowdStrike announced that Falcon® Next-Gen SIEM now ingests and correlates Microsoft Defender for Endpoint telemetry, enabling Microsoft endpoint customers to modernize security operations without deploying additional sensors.

CrowdStrike also unveiled native Falcon® Onum real-time data pipelines, federated search across third-party data stores, third-party intelligence integration, and its Query Translation Agent. Together, these innovations accelerate legacy SIEM transformation by eliminating migration friction, reducing ingestion and storage costs, and delivering real-time threat detection across heterogeneous environments.

“Strategic alignment and disciplined execution between industry leaders is what drives meaningful innovation and stronger security outcomes for customers,” said Daniel Bernard, chief business officer at CrowdStrike. “Our integration with Microsoft accelerates legacy SIEM transformation without the operational burden of deploying additional sensors. By advancing our open, data-agnostic architecture, we are giving organizations the flexibility, performance, and data economics to modernize security operations across any technology stack – meeting customers where they are to unlock the protection outcomes and value from Falcon.”

“It is great to see Microsoft Defender telemetry being leveraged within Falcon Next-Gen SIEM,” said Rob Lefferts, corporate vice president for threat protection at Microsoft. “Defender operates at a global scale, and integrations like this reinforce the importance of an open ecosystem where leading platforms interoperate to help customers improve security outcomes.”

The Operating System of Cybersecurity

Falcon Next-Gen SIEM has proven itself a scaled market disruptor, with performance and cost advantages that set it apart from legacy SIEMs. Growing 75 percent year-over-year,[1] the business is accelerating adoption of the Falcon® platform as the operating system of cybersecurity.

Falcon Next-Gen SIEM for Defender

Falcon Next-Gen SIEM for Defender accelerates SOC modernization for organizations standardized on Microsoft Defender for Endpoint protection. Organizations can ingest and correlate Defender telemetry with Falcon’s log data, threat intelligence, cross-domain context, and AI-driven analytics in real time, augmenting native detections without deploying a new endpoint sensor.

Agentic SOC Transformation

To accelerate the transition to the agentic SOC, CrowdStrike is delivering new innovations that eliminate architectural barriers to modern SIEM adoption, simplifying data onboarding, reducing cost, and increasing operational speed.

  • Native Falcon Onum Integration: Eliminates onboarding friction and transforms data economics, delivering up to 5X faster streaming, 50 percent lower storage costs, 70 percent faster incident response, and 40 percent less ingestion overhead through intelligent filtering and real-time, in-pipeline detection.

  • Federated Search Across Distributed Data Stores: Extends fast, flexible access to external data sources, including Falcon LogScale and ExtraHop. Analysts can query data where it lives, eliminating costly duplication and re-ingestion while maintaining unified visibility.

  • Third-Party Indicator Management: Enables ingestion and operationalization of external indicators of compromise (IOCs), enriching Falcon detections with curated, high-confidence threat correlation across first- and third-party data.

  • Query Translation Agent: Expanding CrowdStrike’s Agentic Security Workforce, this intelligent agent automatically converts legacy SIEM queries, including Splunk searches, into CrowdStrike Query Language (CQL), accelerating migration, preserving analyst workflows, and eliminating retraining friction. 

Future Products Disclaimer

This press release may include discussion of unreleased services or features. Any unreleased services or features referenced here are still in development and subject to change. Customers should make their purchase decisions based upon features that are currently available.
