CrowdStrike Falcon Intelligence

Automated investigations

- Bring endpoint protection to the next level by combining malware sandbox analysis, malware search and threat intelligence in a single solution.

- Reduce the time and skills required to perform manual incident investigations.

- Identify and investigate related threats and block similar attacks in the future.

Indicators of Compromise (IOCs)

- Visualize relationships between IOCs and adversaries found on your endpoints protected by the CrowdStrike Falcon® platform.
- Hunt for threats with IOCs enriched with context.
- Strengthen defenses with CrowdStrike's real-time global IOC feed.
- Pre-built integrations and APIs enable you to orchestrate defenses with existing security solutions.

Actor profiles

- Access 165+ profiles of the nation-state, eCrime and hacktivist adversaries.

- Identify adversaries focused on attacking your business, region, or industry.

- Learn about your adversaries’ intent and capabilities and predict their next move.

Extended endpoint integration

- Built into the CrowdStrike Falcon® platform, there is no integration, administration or deployment required.

- Protected endpoints automatically forward all quarantined files to Falcon Intelligence for immediate investigation.

- Streamline your workflow and pivot seamlessly into adversary insights from other CrowdStrike modules.