Rubrik expands CrowdStrike integration to boost identity security
Rubrik has announced an expanded integration with the CrowdStrike Falcon cybersecurity platform, aimed at enabling customers to surgically roll back malicious changes to digital identities.
Integration details
The integration pairs Rubrik Identity Resilience with CrowdStrike's Next-Gen Identity Security, offering users the ability to restore identity providers (IdPs) to a safe state in the face of identity-based threats. The solution comes in response to the growing prevalence and sophistication of identity-driven attacks affecting organisations' on-premises and cloud systems.
Falcon Next-Gen Identity Security works by protecting all identity types, including human, non-human, and artificial intelligence agents. It covers all phases of the hybrid identity lifecycle, including blocking unauthorised access, preventing privilege escalation, and stopping lateral movement within a system. Rubrik Identity Resilience complements this by providing the capability to reverse unauthorised changes and restore secured, immutable states to identity systems.
Detection and response
With this new integration, customers benefit from real-time identity threat detection and automated correlation of suspicious changes. The Falcon platform uses artificial intelligence to correlate suspicious activity across different IdPs such as Active Directory, Entra ID, and Okta. Rubrik ingests the resulting alerts and can pinpoint the specific malicious changes associated with compromised identities.
For organisations responding to detected threats, Rubrik Identity Resilience provides a mechanism for recovering and rolling back unauthorised changes. By reverting systems to known safe configurations and leveraging data immutability, the solution aims to neutralise the risk of repeat exploitation. In more severe cases, Rubrik is capable of delivering a full and clean recovery of the affected identity provider.
Workflow enhancements
Security teams also benefit from accelerated investigation workflows, as Rubrik Security Cloud integrates with several CrowdStrike tools including Falcon Fusion SOAR, Next-Gen SIEM, Falcon Threat Intelligence, and Charlotte AI. These integrations are intended to streamline both the investigation and response processes, allowing for the initiation of rollback actions, completion tracking, and orchestration of broader recovery workflows directly within the Falcon console.
"Identity-driven attacks demand both speed and precision," said Anneka Gupta, Chief Product Officer at Rubrik. "By expanding Falcon Next-Gen Identity Security with rollback and recovery, we're giving customers a complete solution – detect, adapt, and reverse – that minimises disruption and keeps operations running in the face of identity-based threats."
Daniel Bernard, Chief Business Officer at CrowdStrike, also commented on the announcement:
"Enterprises need more than detection – they need identity security that can adapt, defend, and outpace today's adversaries. Together with Rubrik, we're delivering unified identity security that combines CrowdStrike's AI-driven protection with Rubrik's rollback innovation. The result is simple: customers stop identity attacks faster, minimise business disruption, and strengthen resilience across hybrid environments."
Product availability
Rubrik Identity Resilience is now available. According to the company, this solution integrates identity security controls with risk detection and threat response, offering monitoring of identity changes in real time for forensic analysis. Its design supports increased collaboration between security and Identity and Access Management (IAM) teams, with continuous assessment of risks across both human and machine identities. Additionally, it provides capabilities to identify and remediate overprivileged or misconfigured accounts before they are targeted by attackers.
The integration aims to address the need for protection that goes beyond legacy measures, in light of the expanding threat landscape where identity remains a common vector for cyber-attacks in hybrid enterprise environments.