Security and AI company Rubrik has announced an expanded integration with the CrowdStrike Falcon cybersecurity platform at the Fal.Con 2025 conference. The integration of Rubrik Identity Resilience with CrowdStrike Falcon Next-Gen Identity Security advances identity security by enabling customers to surgically rollback malicious identity changes and restore identity providers to a safe state.
As identity-driven attacks increase in speed and sophistication, organizations are under pressure to protect hybrid identities across on-premises and cloud environments. Falcon Next-Gen Identity Security protects every identity – human, non-human, and AI agent – across the full hybrid identity lifecycle, blocking initial access, preventing privilege escalation, and stopping lateral movement. With Rubrik Identity Resilience, customers can now take the next step: reversing malicious changes and returning identity systems to a secure, immutable state. Together, the integration delivers unified identity security that adapts, defends, and outpaces adversaries.
“Identity-driven attacks demand both speed and precision,” said Anneka Gupta, Chief Product Officer at Rubrik. “By expanding Falcon Next-Gen Identity Security with rollback and recovery, we’re giving customers a complete solution – detect, adapt, and reverse – that minimizes disruption and keeps operations running in the face of identity-based threats.”
Benefits of the integration
The new integration offers customers the following benefits:
- Real-time identity threat detection and malicious change correlation. Falcon Next-Gen Identity Security provides AI-driven correlation of suspicious changes across identity providers (IdPs) such as Active Directory, Entra ID, and Okta. Rubrik ingests those alerts and identifies the malicious changes made by the compromised identity.
- Surgical rollback of malicious changes. Rubrik Identity Resilience recovers and rolls back malicious actions, restoring them to a known, safe state, leveraging immutability to prevent re-exploitation. In a worst case scenario, Rubrik delivers a full, clean IdP recovery.
- Accelerated investigation and workflow in Falcon console. With Rubrik Security Cloud’s integrations with Falcon Fusion SOAR, Next-Gen SIEM, Falcon Threat Intelligence, and Charlotte AI, security teams can streamline the investigation and response process by initiating rollback actions, tracking completion, and orchestrating recovery workflows.
“Together with Rubrik, we’re delivering unified identity security that combines CrowdStrike’s AI-driven protection with Rubrik’s rollback innovation. The result is simple: customers stop identity attacks faster, minimize business disruption, and strengthen resilience across hybrid environments,” said Daniel Bernard, Chief Business Officer at CrowdStrike.
