SailPoint Announces Integrations with the CrowdStrike Falcon Platform
Why This Matters
• Brings identity context into security operations so teams can see who is involved, what access is affected, and respond faster to identity-based threats.
• Enables shared data and automated workflows between identity governance and threat detection/response to improve visibility and speed up remediation.
What Has Changed
• New integrations between SailPoint Identity Security Cloud and the CrowdStrike Falcon® platform to connect identity and threat data.
• Integrates with Falcon Next-Gen Identity Security, Falcon Next-Gen SIEM, and Falcon Fusion SOAR (part of CrowdStrike Charlotte AI).
• Allows customers to:
– Apply CrowdStrike identity risk insights in SailPoint for dynamic, risk-based access decisions.
– Ingest SailPoint identity data into Falcon Next-Gen SIEM to correlate identity/access patterns with real-time threat activity.
– Trigger SailPoint remediation actions via Falcon Fusion SOAR (e.g., disabling accounts or revoking access) to accelerate response.
Timelines
Released on 18 December 2025
ZSP for Entra groups is now available
ZSP for Entra Groups allows for dynamic and temporary assignment of users to Entra groups within your Microsoft Entra ID directories. This means users can be granted access to specific M365 services or applications only when they need it, and for a limited time, without the need to manage the different roles in the ZSP policy.
“Secure Cloud Access and it’s new Zero Standing Privilege (ZSP) feature for Entra Groups allows for dynamic and temporary assignment of users to Entra groups within Microsoft Entra ID directories. This means users can be granted access to specific M365 services or applications only when they need it, and for a limited time, without the need to manage the different roles in the ZSP policy.”
CyberArk: CA25-35 – Possible race condition that may lead to denial of service (DoS) by unauthenticated users.
Issued: October 29, 2025
Updated: N/A
Version: 1.0
Severity: High
CVSS Score: 8.7
Third-party publication / CVE: N/A
Impact: Possible race condition that may lead to denial of service (DoS) by unauthenticated users.
Affected Products And Versions: Privileged Session Manager for SSH (PSMP), Self-Hosted – All versions prior to version 14.6.1 – All product subsets are affected
Resolution:
Upgrade to a patch version from the table below by downloading the patch from the respective link and following the instructions in our online documentation.
If a patch isn’t available for your installed version, or if you want to move to the latest available version, upgrade your component according to the upgrade version compatibility docs.
PSM for SSH 14.6 (LTS) and its patches prior to 14.6.1 – Patch to version 14.6.1 – Download patch – Documentation
PSM for SSH 14.2 (LTS) and its patches prior to 14.2.3 – Patch to version 14.2.3 – Download patch – Documentation
Temporary Mitigation:
There is no temporary mitigation available for this security bulletin.
CyberArk: CA25-34 – Possible Denial of Service (DoS) attack on HTML5 Gateway server
Issued: October 29, 2025
Updated: N/A
Version: 1.0
Severity: High
CVSS Score: 8.1
Third-party publication / CVE: https://nvd.nist.gov/vuln/detail/CVE-2025-50106 (https://nvd.nist.gov/vuln/detail/CVE-2025-50106)
https://nvd.nist.gov/vuln/detail/cve-2024-30172 (https://nvd.nist.gov/vuln/detail/cve-2024-30172)
Impact: Possible Denial of Service (DoS) attack on HTML5 Gateway server
Affected Products And Versions:
HTML5 Gateway Container and RPM, Self-Hosted – All versions prior to version 14.6 (incl.) – All product subsets are affected
Resolution:
Upgrade to a patch version from the table below by downloading the patch from the respective link and following the instructions in our online documentation.
If a patch isn’t available for your installed version, or if you want to move to the latest available version, upgrade your component according to the upgrade version compatibility docs.
Version 14.6 – Patch to version 14.6.1 – Download patch – Documentation
Version 14.2 – Patch to version 14.2.2 – Download patch – Documentation
Version 14.0 – Patch to version 14.0.2 – Download patch – Documentation
Temporary Mitigation:
There is no temporary mitigation available for this security bulletin.
