Automated threat intelligence

CrowdStrike Falcon® Intelligence is an automated threat intelligence service built on the CrowdStrike Falcon Platform. It automates incident investigations and streamlines breach response so you can make faster, more confident cyber security decisions. Organizations, regardless of size or sophistication, learn from the attacks in their environment applying that knowledge to proactively prevent future attacks. Falcon Intelligence provides insight into global threats, tracked by CrowdStrike’s elite team of intelligence experts.

• Automate and simplify incident investigation

  Analyze high-impact threats taken directly from your endpoints that are protected by the Falcon platform. Falcon Intelligence analysis is presented as part of the detection details of a Falcon endpoint protection alert.

• Share custom IOCs for security orchestration

  Get custom IOCs that are derived from the automated analysis of threats taken directly from your endpoints. Custom IOCs include protection against the threat you just encountered plus related threats within the same campaign or malware family.

• Stop bad actors in their tracks

  Gain visibility into the motives, tools and tradecraft of the attacker. Practical guidance and proactive steps are prescribed so your team can deploy proactive countermeasures and get ahead of future attacks.