CrowdStrike Leads in GigaOm Radar for Identity Threat Detection and Response

According to GigaOm, CrowdStrike is recognized as the most mature and complete platform in the Identity Threat Detection and Response (ITDR) category. In the 2025 GigaOm Radar Report for ITDR, we are the only vendor with perfect 5/5 scores across all Emerging Feature categories, including AI-Enhanced SecOps/CoPilot and Non-Human Identity Security, and tied for the highest average scores in both Key Feature and Business criteria.

Identity-based attacks are among the most common and covert cyber threats. Adversaries with valid credentials can elevate privileges and access data, infrastructure, and capabilities while moving through organizations undetected. Nearly 80% of attacks to gain initial access are malware-free, indicating adversaries are relying on identities and other alternative methods.

As hybrid environments expand and the number of applications and AI-driven services grow, the risk of identity-focused attacks increases. The number of human and machine identities is rising rapidly, and adversaries are evolving their operations to exploit this. Organizations require AI-powered defenses that can detect and block attacks in real-time and at scale.

The 2025 GigaOm Radar Report for ITDR highlights Falcon Identity Protection as a leading solution for stopping identity-based attacks with AI-powered speed and accuracy. Key capabilities include visibility into adversary tactics, attack surface reduction, just-in-time access to protect privileged actions, and integration with the AI-native CrowdStrike Falcon® cybersecurity platform.

Falcon Identity Protection Leads the Pack

The 2025 GigaOm ITDR Radar Report positions CrowdStrike as a Leader and Outperformer, emphasizing the detection and response capabilities, adversary-centric approach, and comprehensive view of identity threats delivered through the unified Falcon platform.

GigaOm discussed Falcon Identity Protection’s seamless integration with other Falcon platform modules, and of the data they share. Stopping identity threats requires live attack signals and the ability to assess risk and grant, block, or challenge access in real time. As part of the Falcon platform, Falcon Identity Protection is powered by real-time device signals, threat intelligence from front-line experts, and trillions of events processed across the platform weekly.

“By enabling data sharing across all CrowdStrike modules, the platform provides a comprehensive view of identity threats and correlates insights from multiple telemetry sources, including endpoints and cloud environments,” the report states.

GigaOm detailed several key capabilities that underscore CrowdStrike’s leadership in identity protection:

Proactive protection across hybrid environments: CrowdStrike earned a 5/5 score for Proactive Protection. Falcon Identity Protection continuously monitors and analyzes identities, access rights, and authentication across on-premises and cloud environments, prioritizing risk and blocking unauthorized access. Its real-time intelligence, linked to MITRE ATT&CK® techniques, enriches alerts and helps proactively identify and contain threats. In addition to providing visibility and protection capabilities across on-premises Active Directory and cloud identity services like Entra ID, CrowdStrike now extends identity security and compliance capabilities to SaaS applications through Falcon Shield.

AI-powered detection and response: The strength of Falcon Identity Protection’s response capabilities is evidenced by 5/5 scores in Automated Incident Response and Incident Response Analysis. The report highlights that CrowdStrike “supports all stages from incident alert to resolution, including detection, alert generation, prioritization, and drill down analysis,” driven by Falcon Identity Protection and CrowdStrike Falcon® Next-Gen SIEM. Customers can deploy CrowdStrike Falcon® Fusion SOAR to automate end-to-end response workflows with 1,500+ automated actions. CrowdStrike Charlotte AI Detection Triage autonomously analyzes, prioritizes, and summarizes detections, distinguishing true positives from false positives so analysts can focus on real threats.

Just-in-time access: The report highlights the new Falcon Privileged Access, which further reduces risk by eliminating standing privileges and enabling just-in-time, risk-based access control. It uses real-time signals, threat intelligence, and AI to dynamically grant, block, or revoke access to critical resources. By adding secure privileged access to CrowdStrike’s ITDR capabilities, Falcon Privileged Access extends protection across the full identity attack cycle.

Adversary-driven approach: GigaOm praised CrowdStrike’s adversary-centric approach to identity security: “Utilizing threat intelligence, it enriches alerts with adversary profiles and real-time intelligence linked to MITRE ATT&CK techniques,” its report states. This approach ensures visibility into attack paths so organizations can respond to threats before they escalate. 

CrowdStrike sets the standard for identity threat detection and response with a unified platform that protects across the entire attack lifecycle, for businesses spanning all sizes and industries. “Organizations can tailor their deployment based on specific needs, ranging from basic detection to a fully integrated, end-to-end approach that includes posture management and automated threat mitigation,” GigaOm states in its report.

Building the Future of AI-Powered Identity Protection

Identity-based attacks threaten organizations spanning all sizes, geographies, and industries. These results validate CrowdStrike’s innovation and competitive advantage as the only unified platform that secures both human and non-human identities throughout the entire attack lifecycle — from initial compromise to privilege escalation and lateral movement — across hybrid environments.

“It has not only already delivered a broad range of improvements, its strong roadmap suggests more to come,” GigaOm says of CrowdStrike in its report. “Its advances in the use of its AI platform will continue to drive innovation.”