Intelligence

Actionable & Comprehensive Security Intelligence

CrowdStrike Global Intelligence Team

The CrowdStrike Global Intelligence team is comprised of world-class leaders who bring a diverse background of skills and experience in cyber threat intelligence. The team includes individuals who have worked on this problem for over a decade in the intelligence community, as well as some of the leading security researchers who have led investigations into Buckshot Yankee, Operation Aurora, Conficker, Coreflood and the Storm Botnet. The CrowdStrike team is broken out into Technical, Analysis, and Global Threat Cells. The Technical Cell members have unparalleled experience in reverse code engineering, crypto analysis, and adversary techniques. The Analysis Cell is structured around foreign languages and strategic adversary analysis illuminating the adversary's intentions in an effort to collect intelligence and perform attribution in the native tongue of the adversaries. Both the Analysis and Technical Cells are complemented by the Global Threat Cell which monitors adversary activities, TTP's, and campaigns in order to understand the global and coordinated efforts of cyber adversaries intent on stealing intellectual property and sensitive information. The Intelligence Team is additionally comprised of an Operations Team and Collection Cell. These two groups symbiotically leverage human, technological, and proprietary collections to support CrowdStrike with unique and unparalleled sources of intelligence.  The CrowdStrike Intelligence team leverages these diverse skill sets to collect, analyze, and disseminate actionable and timely intelligence to our customers via the CrowdStrike Falcon platform and as a separate Intelligence-as-a-Service offering. 

CrowdStrike's Intelligence team has replicated the same principles and many of the methods that have successfully been employed in the Intelligence Community to track and attribute, often down to persona and military unit affiliation, all of the major nation-state threat actors. CrowdStrike Intelligence-as-a-Service offering provides your organization with detailed technical and strategic analysis of adversary capabilities, indicators and tradecraft, attribution and intentions. The team's mission is to provide actionable government-quality intelligence to help combat targeted attacks and advanced adversaries. 

All-Source Intelligence Reporting

In-Depth Technical Reporting & Analysis

In today's threat environment, adversaries are constantly profiling and attacking your corporate infrastructure to access and collect your intellectual property, proprietary data, and trade secrets. The CrowdStrike Global Intelligence Team's mission is to identify and track these adversaries and provide your organization with in-depth technical analyses, attribution information, and proactive indicators and warnings to help you stay ahead of the threat. CrowdStrike's proactive indicators leverage existing security infrastructure to provide your security team with a full adversary-based view into cyber attacks. 

  • Proactive Indicators & Warnings
  • Global Threat Reporting
  • Strategic Intelligence Reporting
  • Adversary Intelligence Reporting
  • Custom Adversary Reporting specific to threats faced by your organization

 

Get It Now

Intelligence-as-a-Service is provided on an annual subscription basis. Request pricing. 

Intelligence Feeds

Actionable Intelligence Indicators & Warnings

Many organizations today have security operations centers focused on protecting corporate assets from all facets of cyber threats. With CrowdStrike's Intelligence Feeds, your security team can leverage proactive indicators and warnings to quickly identify and mitigate damage from targeted attacks.

  • Integrates with existing security infrastructure (host, network and SIEM security solutions)
  • Identifies adversary malware and command & control channels
  • Continuously delivers the latest CrowdStrike intelligence

Adversary Intelligence Portal

Actor Profiles & Historic Information

Go beyond the malware with CrowdStrike's subscription-based Adversary Intelligence Portal. Gain insight into adversary tactics, techniques, and procedures with unlimited access to all-source historical reporting and actor profiles. 

  • Search across full historical intelligence reporting database
  • Gain access to actor profile pages
  • Leverage automated delivery options to configure and select reports of interest

 

REVERSE ENGINEERING

 

On-demand Reverse Engineering

Leverage the technical expertise of CrowdStrike's Global Intelligence Team to generate customized technical and adversary reporting relevant to threats targeting your organization. With comprehensive and actionable intellgence, your organization can benefit from gaining full insight into company-specific malware and malware campaigns. By leveraging CrowdStrike's on-demand reverse engineering, you're benefiting from government-quality intelligence to ensure that you know everything there is know about the threat actor targeting your enterprise. Augment enterprise malware analysis capabilities with on-demand reverse engineering. Receive full reporting and in-depth analysis on company-specific malware or malware campaigns.