CrowdStrike University Training

Full-day intensive, instructor-led courses

Take your skills to the next level with expert-led training at Fal.Con!

Our curated selection of instructor-led courses empowers practitioners to master CrowdStrike products, from fundamentals to advanced techniques. Enhance your on-the-job capabilities and get the most out of your cybersecurity investment.

Full-day training courses run for eight hours and will be offered pre-and post- Fal.Con. Laptops are required for participation. Cost: $1,000/course (maximum of one course/day).

Registration for CrowdStrike University (CSU) Training courses will open in April.


Falcon Platform for Administrators

This course instructs new and beginning users on the technical fundamentals of CrowdStrike Falcon. The course is appropriate for those who use Falcon on a day-to-day basis and focuses on the installation, configuration and day-to-day management of the products. It is intended for technical contributors who will be administering and using the Falcon console.



Falcon Platform for Responders

This course instructs intermediate responders in the best use of CrowdStrike Falcon for incident triage. The course is appropriate for those who use the Falcon platform on a day-to-day basis to detect, investigate and respond to incidents. Positions might include security analyst, SOC analyst, security engineer, IT security operations manager, security administrator, endpoint security administrator or channel sales engineer.



Investigating and Querying Event Data with Falcon EDR

This class is an intermediate-level course for those who use CrowdStrike Falcon® Insight XDR to detect, investigate and respond to incidents using proactive investigation techniques. During this course, learners will perform search queries, apply custom searches, use reports to assist with hunts and create commands to investigate events and find attacker activity.



Investigating and Mitigating Threats with Real Time Response

This hands-on course is intended for technical contributors who will be performing remediation, host-level response to detections or host investigations with CrowdStrike Falcon® Real Time Response (RTR). The course explains use cases and administrative considerations for Falcon RTR and provides hands-on experience remediating threats using a variety of RTR commands, custom scripts and over the API using PS Falcon.



Identifying and Remediating Risks in your Cloud Environment with CSPM

This course will teach you how to use CrowdStrike’s cloud security posture management (CSPM) module, CrowdStrike Falcon® Horizon, to secure your cloud environment configurations and remain in compliance with industry standards. Find out how CSPM can help you determine if any of your cloud assets are misconfigured, if you are meeting your industry standards for security and if any behaviors affecting your cloud assets are malicious. During this course, you will locate cloud accounts with vulnerabilities, find the steps to remediate them and learn where to communicate those findings.



Securing Cloud Workloads and Containers with Falcon Cloud Security

This course will teach you how to use CrowdStrike Falcon® Cloud Security and “shift left” to protect containerized workloads and cloud-native applications. The course includes security best practices and tips for using Falcon Cloud Security to mitigate common threats to cloud workloads and how to proactively identify common threats and mitigate risks at every stage of application development.


IDP 270

Protecting Workforce Identities with Falcon Identity Protection

This course will teach you how to configure, implement and utilize the data feeds from Falcon Identity Protection to secure your organization against credential-based attacks, including: Basic tenets of identity-based attacks, Zero Trust and identity protection; how Falcon IDP can help you gain visibility into your overall security posture; implementing policy rules to enforce targeted controls against users and groups in your domain; and performing threat hunting, analysis and light investigation from identity-based detections.


LOG 200

Falcon LogScale for Administrators

The Falcon LogScale for Administrators course will teach participants how to configure and maintain the main components of LogScale in an installed instance. Participants will walk through the steps and techniques used to administer a LogScale environment, manage authentication and authorization and explore how data gets into LogScale.


LOG 201

Preparing, Ingesting and Parsing Log Data using Falcon LogScale

This Falcon LogScale course will teach participants how to prepare and work with log data for effective analysis and response, improve search performance, create visualizations using LogScale Query Language, conduct statistical analysis and create alerts and actions in LogScale.


LOG 202

Analyze Logs, Visualize Data, and Answer Business-Critical Questions using Falcon LogScale

In this immersive course, gain hands-on experience with CrowdStrike Falcon® LogScale for analyzing logs, visualizing data and answering business-critical questions. Learn to design compelling widgets and dashboards, optimize dashboard interactions and strategically architect parameterized dashboards using the CrowdStrike Falcon® LogScale Query Language. This course is especially beneficial for roles such as data analysts, IT administrators and log management specialists.


Register your team today

Insider Updates

Big Discounts

Special Hotel Rates