Avanan introduces seamless integration with CrowdStrike Falcon SIEM, allowing security teams to stream email security telemetry directly into their SIEM environment. This enables centralized monitoring, correlation, and response across the broader security stack.

With this integration, events such as phishing detections, compromised accounts, DLP violations, and other security alerts are ingested into Falcon SIEM out of the box – with no need to parse Avanan event formats or perform additional customization. By combining Avanan telemetry with endpoint, identity, cloud, and other security data sources, organizations can correlate incidents more effectively and trigger automated workflows directly from the SIEM – accelerating investigation, enrichment, ticketing, and containment actions from a single platform.

This capability reflects Check Point’s open garden approach to email and workspace security, making it easier to integrate with leading solutions while maximizing the value of existing security investments.

How to enable the integration
To start the integration with CrowdStrike Falcon SIEM, follow the step-by-step instructions in this admin guide chapter.