CrowdStrike Stops GenAI Data Leaks with Unified Data Protection

CrowdStrike is introducing real-time visibility and protection across browsers, local applications, shadow AI services, and cloud data flows to stop GenAI data leaks at the source. With GenAI-specific detections, dedicated dashboards, and expanded enforcement using both process access control and client network inspection, CrowdStrike sheds light on the blind spots left by data protection solutions that only provide browser-based coverage.
Key capabilities:
This feature is now generally available to customers of both Falcon Data Protection and Falcon Next-Gen Identity Security.
Process access control stops unauthorized applications, such as local GenAI clients or desktop tools, from accessing or exfiltrating classified data. Client network inspection provides runtime visibility into data flows and blocks sensitive transmissions across cloud and SaaS connections. Whether data flows through a browser, local application, or cloud service, Falcon Data Protection provides runtime coverage to stop sensitive data before it leaves the enterprise. 

• GenAI data protection capabilities that can stop sensitive data leaks across browsers, local apps, shadow AI services, and cloud data flows
• A unified suite of out-of-the-box detections across endpoint and cloud, including coverage for GenAI misuse, data loss, and insider activity
• AI-powered data classifications that extend coverage to new, complex data types and improve the accuracy of existing ones
• A new insider risk dashboard that provides analysts the context they need to spot risky behaviors and take action

GenAI Data Protection: Stop GenAI Data Leaks Where They Start

Traditional data loss prevention (DLP) tools aren’t enough to mitigate modern data risk. They require heavy agents, rigid rules, and constant tuning –78% of organizations reported struggling just to maintain them.³ Data security posture management (DSPM) tools provide static snapshots of where sensitive data resides but fail to see how it flows in real time. 
General availability is expected by the end of January 2026 for cloud and by the end of July 2026 for endpoint.
Any forward-looking statements made in this document are based on our beliefs and assumptions that we believe to be reasonable as of the date of the presentation. You should not rely upon forward-looking statements as predictions of future events. Except to the extent required by law, we undertake no obligation to update these forward-looking statements to reflect new information or future events.

• A dedicated GenAI dashboard to provide unified visibility into data usage paths, enriched by Charlotte AI insights and recommended actions
• Expanded enforcement controls that use client network inspection to block sensitive data leaving local apps, and process access control to stop unauthorized GenAI tools from accessing classified files
• Cloud runtime coverage that uncovers risky data flows from machine learning or GenAI workloads to unauthorized services, and triggers automated playbooks through CrowdStrike Falcon® Fusion SOAR
• GenAI-specific detections to identify sensitive data flowing into AI tools in real time

Any forward-looking statements made in this document are based on our beliefs and assumptions that we believe to be reasonable as of the date of the presentation. You should not rely upon forward-looking statements as predictions of future events. Except to the extent required by law, we undertake no obligation to update these forward-looking statements to reflect new information or future events.

• Unified, out-of-the-box detections that provide coverage for GenAI misuse, data loss, and insider activity across endpoint and cloud
• Cross-domain visibility to eliminate silos and accelerate investigations with a unified dashboard that correlates detections across hybrid environments
• Context-rich alerts to accelerate response with enrichment from identity, device, and adversary tradecraft

Any forward-looking statements made in this document are based on our beliefs and assumptions that we believe to be reasonable as of the date of the presentation. You should not rely upon forward-looking statements as predictions of future events. Except to the extent required by law, we undertake no obligation to update these forward-looking statements to reflect new information or future events.

• Extended coverage adds support for complex data types such as user names and passwords while improving classification for existing types
• The ability to detect and identify unstructured data as sensitive information in free-form content, which static rules often miss
• Accuracy improvements to reduce false positives and strengthen enforcement precision across endpoint and cloud

Any forward-looking statements made in this document are based on our beliefs and assumptions that we believe to be reasonable as of the date of the presentation. You should not rely upon forward-looking statements as predictions of future events. Except to the extent required by law, we undertake no obligation to update these forward-looking statements to reflect new information or future events.

• Centralized visibility provides real-time insights into insider risk by combining identity and data protection telemetry in a unified dashboard
• Contextual filters accelerate investigations by surfacing malicious, negligent, or compromised user behavior

Beta is expected in November 2025, and general availability is expected by the end of January 2026.
The new Insider Risk dashboard in Falcon Data Protection changes that. By correlating telemetry from Falcon Data Protection and CrowdStrike Falcon® Next-Gen Identity Security into a single view, it gives analysts the context they need to spot risky behaviors early and take action.

Built for How Data Moves Today

Falcon Data Protection is gaining a unified suite of out-of-the-box detections across endpoint and cloud, including coverage for GenAI misuse, data loss, and insider activity, boosting detection breadth by 10x.⁴ Investigations are streamlined, and alert fatigue reduced, with real-time alerts, cross-domain visibility, and automation through the Falcon platform. 
This blog includes forward-looking statements including, but not limited to, statements concerning the expected timing of product and feature availability, the benefits and capabilities of our current and future products and services, and our strategic plans and objectives. Such statements are subject to numerous risks and uncertainties and actual results could differ from those statements.  Any future products, functionality and services may be abandoned or delayed, and customers should make decisions to purchase products and services based on features that are currently available. These and other risk factors are described in the “Risk Factors” section of our most recent Form 10-Q filed with the Securities and Exchange Commission.
Sensitive data constantly flows through GenAI tools, SaaS applications, personal cloud accounts, and unmanaged devices. Every movement is a potential exposure. Employees paste data into GenAI tools, potentially leaking critical information. This insider risk is common and costly: Insider threats cost organizations an average of .4 million in 2024,¹ and 83% of surveyed enterprises experienced at least one insider-driven incident in the past year.²
Key capabilities:
GenAI adoption is exploding across organizations, transforming how work gets done and where data moves. CrowdStrike is announcing four new innovations in CrowdStrike Falcon® Data Protection to empower organizations to embrace GenAI tools while securing data across endpoints, cloud, GenAI, and SaaS environments.

Additional Resources

Only CrowdStrike unifies data protection across endpoint, cloud, SaaS, and AI into a single platform with one unified sensor. With these latest innovations, we deliver the runtime protection, speed, and coverage that modern data demands.
Key capabilities:
Security teams need data protection that can keep pace with how information moves. They need real-time visibility into data in motion, consistent data classification across environments, and automated response when risks emerge. Falcon Data Protection already unifies real-time visibility, classification, and defense across endpoint, cloud, SaaS, and AI through a single unified sensor. Now, we’re introducing new innovations to provide the modern protection and speed today’s organizations need.
Key capabilities: