AI is fueling the next leap in security automation, giving teams the power to act faster, scale further, and secure more with intelligent, adaptive operations. In this track, you’ll learn how CrowdStrike is delivering AI built for the SOC, combining machine learning, generative AI, and agentic AI to supercharge the analyst experience. From autonomous triage and investigation to enabling LLM-powered actions, learn how organizations are putting AI to work to solve real problems — securely, responsibly, and at scale.

Whether you're exploring agentic AI, optimizing your workflows, or preparing for the next leap in analyst productivity, this is your front-row seat to what AI can actually do for your security team today.

Key takeaways:

• See how real teams are using AI to cut investigation time and automate repetitive tasks
• Learn how to operationalize GenAI, machine learning, and agentic AI across your SOC workflows
• Get practical insights from customers and experts solving real-world security challenges with AI
• Explore the latest innovations driving analyst autonomy and next-gen SOC transformation
• Hear directly from the CrowdStrike AI product team — what’s new, what’s coming, and how to get started

Browse sessions for this track — and all others — in the full Fal.Con agenda (using the link below) to start planning your experience.

Endpoint security is your frontline defense against stealthy threats like ransomware and malware-free attacks. Learn how CrowdStrike’s AI-driven protection, unified visibility, and proactive workflows accelerate detection and response. The endpoint is your most targeted asset — and your first line of defense. Adversaries are faster and stealthier, using ransomware, malware-free intrusions, and cross-domain attacks to evade detection. CrowdStrike Endpoint Security stops them with AI-powered protection, agentic workflows, and unified visibility across domains. Shift from reactive to proactive defense — accelerating detection, investigation, and response.

Whether you're starting out or scaling up, join CrowdStrike experts and industry peers to discover what’s new, what’s next, and what actually works.

key takeaways:

• Understand the latest attack trends and how to stay ahead of them 
• Learn best practices to detect, investigate, and respond faster 
• See how agentic AI innovations with CrowdStrike® Charlotte AITM supercharge analyst workflows 
• Hear how your peers are solving real-world challenges and driving stronger security outcomes

Browse sessions for this track — and all others — in the full Fal.Con agenda (using the link below) to start planning your experience.

The fastest-moving threats don’t need malware — they just need a username and password. Some adversaries gain access through stolen credentials, while others are already inside. With a surge in access broker activity and nearly 80% of detections now malware-free, identity is the front line of cybersecurity. Adversary groups like SCATTERED SPIDER continue to target hybrid identity environments, and with machine identities now outnumbering humans, the attack surface is only growing. Identity is dynamic, requiring continuous, real-time, contextual analysis of behavior, intent, device posture, and access history.

Learn how CrowdStrike's AI-powered identity protection combines unified visibility, identity threat detection and response, and just-in-time access to stop breaches before adversaries reach their objective.

Key takeaways:

• Learn how to protect your hybrid identity environment in real time — from active directory to Entra ID and beyond 
• Discover how to detect identity-based attacks up to 85% faster with unified visibility across users, credentials, and devices 
• Explore how just-in-time access and least privilege enforcement eliminate standing privilege and reduce your attack surface 
• Hear from CrowdStrike experts and your peers on what’s working to stop modern identity threats

Browse sessions for this track — and all others — in the full Fal.Con agenda (using the link below) to start planning your experience.

Cloud environments have become prime targets for cyberattacks. According to the CrowdStrike 2025 Global Threat Report, new and unattributed cloud intrusions increased 26% in 2024, indicating more adversaries exploiting cloud environments are prime targets for cyberattacks services.1 Yet many organizations still rely on fragmented tools spanning on-premises and public clouds — covering infrastructure, apps, APIs, data, AI, and SaaS. This complexity creates gaps that attackers can exploit and limits visibility, threat detection, and breach prevention. As organizations scale AI in the cloud, defending that infrastructure becomes just as critical as using AI to stay ahead of threats.

Learn how to unify proactive security and cloud runtime protection — aligning cloud and security operation teams to close critical gaps and strengthen defenses.

Key takeaways:

• Discover how CrowdStrike stops cloud breaches with a unified approach to proactive security and runtime protection 
• Stay ahead of attackers with the latest cloud threat intel and adversary tactics 
• Learn how leading enterprises protect hybrid cloud environments in the real world 
• Get an exclusive look at what’s next on the CrowdStrike Falcon® Cloud Security roadmap

Browse sessions for this track — and all others — in the full Fal.Con agenda (using the link below) to start planning your experience.

The future of the SOC is AI-native, real-time, and built to stop breaches — not just document them. But most SIEMs are stuck in the past, designed for compliance and log retention while adversaries move at machine speed. CrowdStrike Falcon® Next-Gen SIEM fuses unified telemetry, adversary intelligence, and AI-native automation to deliver a smarter, faster, and more proactive defense. From AI-generated parsers that streamline data ingestion to LLM-powered SOAR that applies AI reasoning across first- and third-party data, you can cut through noise and automate repetitive tasks, freeing analysts to act faster and focus on what matters. It’s more than a better SIEM — it’s the foundation of the modern, AI-driven SOC.

Whether you’re rethinking your SIEM strategy or already deploying next-gen SIEM, this track reveals what’s new, what’s next, and what actually works to stop breaches.

Key takeaways:

• Discover best practices to detect, correlate, and respond to threats at machine speed
• See how unified telemetry and adversary intelligence power faster and smarter investigations 
• Explore how Charlotte AI accelerates triage and supercharges analyst efficiency 
• Hear from security leaders using Next-Gen SIEM to solve real-world challenges and stop breaches

Browse sessions for this track — and all others — in the full Fal.Con agenda (using the link below) to start planning your experience.

You’re on the front lines, juggling alerts, patching backlogs, and chasing blind spots, while adversaries move faster than ever. As hybrid and mulit-cloud environments grow more complex, security teams are stuck with disconnected tools and reactive workflows. The question is: How do you get ahead of risk instead of playing catch-up?

This track shows how CrowdStrike Falcon® Exposure Management, powered by CrowdStrike's ExPRT.AI, brings precision to vulnerability management. Learn how AI-driven prioritization helps teams cut critical vulnerabilities by up to 98%, dynamically map high-risk attack paths, automate response, and shift from reactive firefighting to proactive security.2 Walk away with real-world strategies you can apply immediately to reduce risk, save time, and drive outcomes.

Key takeaways:

• Learn how to achieve full asset visibility across hybrid environments 
• See how automated playbooks accelerate response and eliminate manual effort 
• Explore strategies to reduce your attack surface by up to 75% and cut breach risk in half 
• Understand how consolidating tools into one platform reduces noise, complexity, and operational overhead

Browse sessions for this track — and all others — in the full Fal.Con agenda (using the link below) to start planning your experience.

Today’s adversaries move fast, using stealthy, persistent tactics that overwhelm teams and expose gaps in traditional managed detection and response (MDR). Organizations need more than alerts — they need expert-led action. That’s why more are turning to CrowdStrike Falcon® Complete Next-Gen MDR, which fuses human expertise, AI, and the industry’s leading platform to deliver 24/7 coverage and full-cycle threat remediation.

This track takes you inside the mission. Hear from front-line experts and customers on how they’re staying ahead of ransomware, insider threats, and nation-state actors. Learn how to operationalize AI, extend coverage across domains, and see what true full-cycle MDR looks like.

Key takeaways:

• See how Falcon Complete neutralizes advanced adversaries and stops breaches across endpoint, identity, cloud, and third-party data with speed and precision 
• Learn how elite security analysts leverage AI and Falcon Next-Gen SIEM to deliver 24/7 threat monitoring, investigation, and response across the entire attack surface 
• Discover what full-cycle remediation really looks 
• Hear firsthand how customers and partners stay ahead of nation-state actors, ransomware, and insider threats

Browse sessions for this track — and all others — in the full Fal.Con agenda (using the link below) to start planning your experience.

Security and IT teams often work in silos, juggling separate tools and processes just to stay afloat. The result? Visibility gaps, manual handoffs, and delayed response times that leave endpoints exposed and your team stuck in reactive mode.

Learn how to break down barriers between IT and security with the unified CrowdStrike Falcon® platform. Discover how AI-powered visibility, baseline enforcement, and automated remediation at scale can help your team stay compliant, close security gaps faster, and prevent breaches.

Key takeaways:

• Cut the busywork and costs by consolidating security and IT workflows into one unified platform 
• Get full AI-powered visibility across every endpoint and take action at scale, all from the CrowdStrike Falcon® sensor you already use 
• Lock in secure configurations with baseline enforcement that keeps critical apps, services, and settings where they belong 
• Automate your remediation playbook so risks and vulnerabilities don’t slip through the cracks

Browse sessions for this track — and all others — in the full Fal.Con agenda (using the link below) to start planning your experience.

Today’s adversaries move fast, exploit blind spots, and increasingly use AI to enhance speed, scale, and deception — blending in with legitimate activity and rendering traditional defenses obsolete. To stop them, you have to think like them. This track explores how understanding adversary tradecraft, tools, and techniques — from initial access to data exfiltration — can fuel a proactive defense.

Sessions highlight the latest threat trends: Malware-free intrusions, identity-based attacks, living-off-the-land techniques, and AI-driven social engineering. You’ll learn how to operationalize threat intelligence, scale cross-domain threat hunting, and take action earlier in the attack chain.

Key takeaways:

• Learn how attackers move inside your environment and detect them earlier 
• Stay ahead of new threats like malware-free attacks and AI-driven threats 
• Hunt threats across endpoints, cloud, identity, and network data for a complete view 
• Understand how to think like an adversary to strengthen your defenses and respond faster

Browse sessions for this track — and all others — in the full Fal.Con agenda (using the link below) to start planning your experience.

Security maturity doesn’t happen overnight — but every step forward counts. Whether responding to a breach or preparing for what’s next, organizations turn to CrowdStrike’s Professional Services for expert-led response, proactive security, and long-term resilience.

This track takes you to the front lines with responders, advisors, and customers. Learn how to navigate real-world incidents, avoid common missteps, and accelerate recovery. See how proactive services — like tabletop exercises, compromise assessments, and AI red teaming — help you reduce risk, improve readiness, and strengthen your security posture before attackers strike. Walk away with strategies to move from reactive to proactive — and stay ahead of the adversary.

Key takeaways:

• Learn from the front lines as CrowdStrike’s elite incident responders share AI-enhanced insights from real-world breaches 
• Understand adversary tradecraft by discovering the latest TTPs and attack patterns 
• Accelerate response readiness with proven strategies — augmented by AI — to detect, contain, investigate, and recover from attacks
• Execute CrowdStrike's expert strategies and AI-driven approaches to reduce risk and strengthen defenses

Browse sessions for this track — and all others — in the full Fal.Con agenda (using the link below) to start planning your experience.

Data doesn’t stay still, and neither do the threats targeting it. As organizations embrace hybrid work, GenAI adoption, and cloud-native architectures, securing sensitive data across dynamic environments has never been more critical.

In this track, discover how CrowdStrike is revolutionizing data protection by delivering unified, real-time security across endpoint and cloud. Powered by real-time behavioral analysis, CrowdStrike Falcon® Data Protection understands context, detects anomalies, and stops data exfiltration before it happens. You’ll see how CrowdStrike is eliminating the complexity of traditional DLP with an AI-native platform approach that simplifies operations, enhances visibility, and stops unauthorized data movement before it happens.

Key takeaways:

• Discover how one, unified platform across endpoint and cloud can replace fragmented data protection tools, reduce operational overhead, and reduce blind spots 
• Hear from security teams that have transformed their data protection strategies, gaining visibility, control, and peace of mind in days, not months 
• Explore how CrowdStrike is helping organizations defend against GenAI data leaks, insider threats, and adversarial data theft 
• See how AI enhances CrowdStrike's unified classification engine to deliver greater accuracy and efficiency, enabling smarter detections, faster response, and stronger data protection outcomes

Browse sessions for this track — and all others — in the full Fal.Con agenda (using the link below) to start planning your experience.

As SaaS adoption accelerates, attackers are exploiting misconfigurations, blind spots, and compromised credentials across collaboration tools, file-sharing platforms, and CRM systems. Lateral movement across on-premises, cloud, and SaaS environments is now faster — and harder to detect. CrowdStrike Falcon® Shield delivers continuous visibility, real-time misconfiguration detection, AI hardening within SaaS apps, and risk reduction across your SaaS footprint. Learn how to stay ahead of adversaries by proactively closing security gaps before they're exploited and how it correlates identity, configuration, and threat data to streamline compliance, accelerate response, and strengthen your SaaS security posture.

Key takeaways:

• Learn how to secure your SaaS stack with continuous visibility and real-time threat detection 
• Discover best practices to identify and fix threats and misconfigurations across SaaS environments 
• Explore how to reduce risk from third-party integrations and unmanaged shadow IT 
• See how teams are protecting sensitive data while accelerating secure SaaS adoption

Browse sessions for this track — and all others — in the full Fal.Con agenda (using the link below) to start planning your experience.

In an era of rapid change and rising uncertainty, today's executives must navigate an increasingly complex security landscape while delivering measurable business outcomes. From AI-driven threats and geopolitical instability to tighter budgets and mounting regulatory pressure, the risks are escalating and the margin for error is shrinking.

This exclusive executive track — led by distinguished former and current CISOs and CIOs from world-class organizations — delivers actionable insights shared by security leaders who are redefining what's possible in enterprise security. Learn proven strategies to strengthen your security posture while advancing business objectives, shared by those who've successfully led through similar challenges. Gain practical frameworks and innovative approaches that position security not as a cost center but as a catalyst for growth. And, connect with forward-thinking peers who are shaping the next chapter of cybersecurity leadership.

Key takeaways:

• Learn strategies for maximizing security investments despite economic pressures 
• Understand what’s top of mind for peer executives around cyber resiliency and program development 
• Learn how organizational leaders have gained insight and efficiency through their security programs 
• Shape your organization's security strategy alongside fellow C-suite leaders, with opportunities for networking, learning, and exchanging ideas

Browse sessions for this track — and all others — in the full Fal.Con agenda (using the link below) to start planning your experience.

The Developer Accelerator track empowers IT practitioners, security responders, and technical professionals with hands-on development expertise across the Falcon platform. Using software development kits (SDKs), CrowdStrike Falcon® Fusion SOAR, and CrowdStrike Falcon® Foundry, participants learn to build custom security solutions through direct API integration.

Key takeaways:

• Access production-ready code examples and tested architectural patterns for immediate implementation 
• Improve incident response times and threat detection through optimized security processes 
• Learn to avoid common pitfalls while building scalable solutions 
• Increase ROI through reduced response times and enhanced operational efficiency

Browse sessions for this track — and all others — in the full Fal.Con agenda (using the link below) to start planning your experience.

Explore the power of the Falcon platform through technical training and immersive workshops designed for today’s cyber defenders. Go beyond theory with direct access to the tools, tactics, and workflows that help teams detect faster, respond smarter, and stop breaches with confidence.

Whether you're focused on SecOps, identity, cloud, or data protection, hands-on workshops offer practical experience you can take back to your team.