Zscaler has expanded its partnership with CrowdStrike to create a stronger foundation for modern SOC operations. The collaboration runs through Red Canary, a Zscaler company, and integrates the
CrowdStrike Falcon platform with
Zscaler’s Zero Trust Exchange and
Red Canary’s agentic-AI–driven security operations platform. The result is a unified approach that brings together endpoint, identity, and network protection, with automation at its core.
Moving Beyond Legacy Tools
Security teams are under pressure to replace legacy Endpoint Detection and Response (EDR) tools that no longer keep pace with today’s adversaries. This expanded partnership positions Falcon as the preferred endpoint solution, supported by Zscaler’s cloud-native zero trust architecture and Red Canary’s AI-powered SOC capabilities. Instead of relying on a patchwork of point products, organizations and MSSPs can consolidate security into a single, cloud-first design that is easier to manage and faster to act.
Anthony Torsiello, SVP, Worldwide Partner & Alliances Sales at Zscaler told MSSP Alert, "Red Canary's agentic-AI driven managed detection and response further leverages deep endpoint context from CrowdStrike’s Falcon platform and will be enhanced by the combined power of rich user context from the Zscaler Zero Trust Exchange platform to improve threat detection accuracy and response time."
For MSSPs running large-scale SOCs, these improvements translate into faster response times, more accurate containment, and reduced analyst fatigue. The shift from reactive investigations to proactive, automated defense allows providers to serve more customers with the same resources, directly addressing the scaling challenges many SOCs face.
"For our partners, there’s an opportunity to migrate customers from legacy endpoint detection and response while expanding their services portfolio to unlock additional revenue streams for SOC-led partner services," Torsiello said.
Implications for MSSPs
For MSSPs, the significance of this partnership lies in service delivery and differentiation. CrowdStrike’s designation as a preferred partner within Red Canary’s ecosystem positions Falcon as a central platform for managed SOC offerings. MSSPs can take advantage of tighter integrations, automated response workflows, and a unified architecture that provides consistent visibility across customer environments. This consolidation helps reduce complexity and enables providers to focus more on delivering security outcomes rather than managing multiple point tools.
The joint offering enhances partner-delivered MDR services and unlocks new opportunities across the shared ecosystem.
"We are helping customers optimize their security investments while empowering partners to deliver robust managed SOC services," according to Torsiello.
"The expanded Zscaler-CrowdStrike partnership builds on our already strong and strategic collaboration to deliver even more opportunities for our joint partners. By bringing together Zscaler, Red Canary, and CrowdStrike, we are delivering yet another powerful co-sell motion for our partners to modernize legacy endpoint detection and response. We are adding another page to the channel playbook; empowering partners to accelerate customer migrations from legacy point-products to a cloud-native architecture with a best-of-breed approach to AI-driven security operations," Torsiello added.
Equally important is the shift in customer expectations. Businesses want faster detection, shorter response times, and clear evidence of improved security operations - not just more alerts. The combined strengths of Zscaler, CrowdStrike, and Red Canary allow MSSPs to meet that demand with services built on speed, automation, and accuracy. This raises the value of partner-delivered MDR services and creates opportunities to differentiate in a crowded market by offering outcome-driven security.