CrowdStrike Falcon Next-Gen SIEM adds Microsoft Defender for Endpoint telemetry integration
Security Tool/Service
Summary
CrowdStrike Falcon Next-Gen SIEM now ingests Microsoft Defender for Endpoint telemetry, making Defender the first EDR integrated into the platform and broadening support for third-party EDRs. The change improves cross-tool visibility and strengthens real-time analytics and threat detection. It matters because organizations can keep existing endpoint tooling while centralizing more security data in one SIEM.
Related Happenings
Akamai acquires LayerX for secure enterprise browser expansion
Industry Action
First: 22.05.2026 18:43
Last: 22.05.2026 18:43
Sources 1
About this happening:
Akamai Technologies agreed to acquire **LayerX** for **$205 million**, expanding its **secure enterprise browser** and **ZTNA** capabilities. The move gives Akamai a browser-layer...
GopherWhisper China-aligned APT campaign targeting Mongolian government institutions
Campaign
First: 23.04.2026 12:04
Last: 23.04.2026 12:04
Sources 1
About this happening:
The **GopherWhisper** campaign is a **China-aligned APT operation** targeting **Mongolian governmental institutions**, and it now appears to extend beyond a single compromise to *...
External Microsoft Teams helpdesk-impersonation campaign
Campaign
First: 20.04.2026 18:11
Last: 20.04.2026 18:11
Sources 1
About this happening:
A **campaign** abusing **external Microsoft Teams collaboration** is letting attackers impersonate **IT/helpdesk staff**, gain remote access, and stage **targeted data exfiltratio...
CrowdStrike Microsoft Marketplace listing
Commercial Activity
First: 03.04.2026 14:53
Last: 03.04.2026 14:53
Sources 1
How related:
Also, for the first time, CrowdStrike's offerings are now available in the Microsoft Marketplace (formerly known as the Azure Marketplace).
About this happening:
CrowdStrike made **its offerings** available in the **Microsoft Marketplace**, expanding how enterprise buyers can procure **cybersecurity products**. Eligible customers with **Mi...
Widening enterprise endpoint protection and patch-management gap
Target Trend
First: 24.03.2026 15:15
Last: 24.03.2026 15:15
Sources 1
About this happening:
Enterprise endpoint protection is deteriorating as patch compliance lags, increasing the risk of breaches and downtime across managed devices. A **March 23, 2026** resilience inde...
Timeline
03.04.2026 14:53 2 articles · 1mo ago
CrowdStrike integrates Microsoft Defender telemetry into Falcon Next-Gen SIEM
Initial Disclosure
CrowdStrike added Microsoft Defender for Endpoint as the first EDR integrated with Falcon Next-Gen SIEM, letting the platform ingest Defender telemetry directly for smarter filtering, real-time analytics, and faster threat detection. CrowdStrike also launched Falcon Onum to process log data at scale and made CrowdStrike offerings available in Microsoft Marketplace for the first time, expanding the platform's Microsoft-facing distribution and purchase options for enterprise customers using MACC funds.
- CrowdStrike Next-Gen SIEM Can Now Ingest Microsoft Defender Telemetry — www.darkreading.com — 03.04.2026 14:53
- CrowdStrike Next-Gen SIEM Can Now Ingest Microsoft Defender Telemetry — www.darkreading.com — 03.04.2026 14:53