Our website uses cookies to enhance your browsing experience.

Day 1 Agenda

North America: October 15, 8:30 a.m. - 11:45 a.m. PDT
EMEA: October 16, 8:30 a.m. - 11:45 a.m. BST
APAC: October 16, 1:30 p.m. - 4:45 p.m. AEDT
Japan: October 27, 2:00 p.m. – 5:00 p.m. JST

North America: October 15, 12:00 p.m. PDT
EMEA: October 16, 12:00 p.m. BST
APAC: October 16, 5:00 p.m. AEDT

North America: October 15, 12:00 p.m. PDT
EMEA: October 16, 12:00 p.m. BST
APAC: October 16, 5:00 p.m. AEDT

North America: October 15, 12:00 p.m. - 2:00 p.m. PDT (Invitation only)
EMEA: October 16, 12:00 p.m. BST
APAC: October 16, 5:00 p.m. AEDT

Pre- and Post-Event Training

Pre-Event: Courses offered October 5-8 and 13-14 in North America, EMEA (BST) and APAC (AEDT) — seating limited
Post-Event: Courses offered October 16 and 19-23 in North America, EMEA (BST) and APAC (AEDT) — seating limited

Day 1 Agenda

What’s the current state of cybersecurity — and what’s beyond the horizon? You’ll find out in our fast-moving, 2¾-hour Fal.Con 2020 livestream production.


“The World Has Changed — for Security and Beyond” with CrowdStrike President/CEO and Co-founder George Kurtz, featuring CrowdStrike Chief Technology Officer Mike Sentonas and other guests

CEO Power Panel

"How to Survive -- and Thrive -- in the 'Work from Anywhere' Economy" featuring CEOs of Zoom, Slack and CrowdStrike

Featured Customers

including thought leaders from the Mercedes-AMG Petronas Formula One Team, Amazon Web Services, The Home Depot, City of New York and more

Special Guest Stars

including F1 racing champion Lewis Hamilton, ABC News’ Rebecca Jarvis, acclaimed magician Mat Franco and more

New Product Reveal

by CrowdStrike Chief Product Officer Amol Kulkarni

Adversary Update

with CrowdStrike Senior Vice President of Intelligence Adam Meyers

Election Protection Panel

with President of CrowdStrike Services & CSO Shawn Henry,
Sir Robert Wainwright, Partner at Deloitte and former Executive
Director of Europol, and William Evanina, Director of the U.S.
National Counter Intelligence and Security Center (NCSC),
Office of the Director of National Intelligence (ODNI)


with cybersecurity experts and visionaries

Live Workshops

to get the most out of the CrowdStrike Falcon platform


and interactive, hands-on games


The Fal.Con 2020 education program has one goal — to make you a better security professional. Whether you're a CrowdStrike customer seeking mastery of the Falcon platform, a security expert looking to stay up on your game or an exec ready to lead your organization to the next level, Fal.Con 2020 has content and training designed for you. Choose from 50+ learning sessions in five tracks:

Security Strategy, Architecture & Operations
  • Accelerate From Zero to Sixty in No Time: A Fast Path to Becoming a CrowdStrike API Expert
  • Actively Defend Your Enterprise of Things: Don’t Just See Them, Secure Them (Featured Partner: Forescout Technologies)
  • Bringing Big Data to Data Protection
  • Bringing Zero Trust To Falcon Endpoints
  • Cornerstones to a Modern Security Strategy: Why EDR + NG-SIEM Is Critical to Securing the Modern Enterprise (Featured Partner: Exabeam)
  • Enabling Device-based Security and Productivity With Okta (Featured Partner: Okta)
  • Epic Transformation: Convincing Campuses to Secure Their Devices (Featured Customer: Cornell University)
  • Falcon and the MITRE ATT&CK Framework: Better Together​
  • Future Forward: A Distributed World Shifts the Security Front Lines to the Endpoint (Featured Partner: eSentire)
  • Gain Complete Device Coverage and Stop Breaches Faster with Integrated EDR and NDR (Featured Partner: ExtraHop)
  • How Best-in-Class EDR and NDR Deliver World-Class XDR (Featured Partner: Vectra AI)
  • How Does OT Security Evolve from Bolted On to Built In? Bridging the Relationship Gap to Build a Business-aligned OT Security Program (Featured Partner: EY)
  • Inside the CrowdStrike/Claroty Joint Solution: A New Approach to ICS Visibility and Threat Detection (Featured Partner: Claroty)
  • Introducing Illumio Edge for CrowdStrike: An Endpoint Recipe to Neutralize Ransomware (Featured Partner: Illumio)
  • Making It Stick: Introducing Cybersecurity Risk Management Into Your Organization
  • Metrics That Matter: From SecOps to the Boardroom – Explaining the Risk & Impact on the Company so Everyone Understands (Featured Partner: Consortium Networks)
  • Move Beyond Legacy: Cloud-first Endpoint Security in the Age of Distributed IT (Featured Partner: Automox)
  • Out of the Shadows, Into the Community
  • Phishing Emails and Web Exploits: Detection Walkthrough
  • Risky Business: Managing Cyber Risk Up and Down an Enterprise
  • Securing Your Industrial Operations With the Power of Dragos and CrowdStrike (Featured Partner: Dragos)
  • Sit Up Straight: Best Practices for Improving Your Security Posture (Featured Partner: Netskope)
  • Taming the Falcon: A Guide to the New Features You Might Have Missed​
  • Tigers and Bears and Mergers — Oh My!
  • The Confidence Game: How Attackers Exploit People and How to Stop Them (Featured Partner: Proofpoint)
  • The CrowdStrike Store: Simplifying Security Through an Ecosystem
  • Transform Your Workers to “Work From Anywhere” Without Compromising Security or User Experience (Featured Partner: Zscaler)
  • Frictionless Zero Trust
Research & Threat Intelligence
  • Agile Threat Intelligence with CrowdStrike and Sixgill: How I Learned to Stop Worrying and Love the Machine (Featured Partner: Sixgill)
  • Baaj Afzar Bazaar: The Rise of Iran’s Ransomware Marketplace
  • Demystifying the MSS and China’s Contract Hacking Model
  • Disinformation and Epidemics: Anticipating the Next Phase of Biowarfare
  • Exploring the Hidden Web: A New Falcon Module Preview
  • LEAD Framework: Revamping Threat Intelligence (Featured Customer: Adobe)
  • Machine Learning for Threat Intelligence: Applying K-Means Clustering to Dharma and Phobos Ransomware Incidents
  • Priority Intelligence Requirements: Your Key to Working Smarter with More Impact (Featured Customer: Anheuser-Busch InBev)
  • Prosecuting Cyber Espionage: Insights and Impacts from Cyber Espionage Indictments
  • REvil: A Prolific Ransomware as a Service
  • The Dark Web and You: A Demystification Story
  • The Evolution of Ransomware and the PINCHY SPIDER Actor Group (Featured Partner: RiskIQ)
  • Why MITRE ATT&CK Doesn’t Work Like Bingo
Threat Hunting & Incident Response
  • A Dharma Initiative: How OverWatch Threat Hunting Uncovered a Widespread Ransomware Network
  • Avoid the Breach, Save the Weekend: Lessons Learned with CrowdStrike Services
  • Better Know an Adversary, or 10 Things You Should Hate in Your Network
  • Drinking from the Tap: Network Security Monitoring
  • Elevate Your Game: Creating Tabletop Exercises that Actually Improve Your Team
  • EvilGinx-ing Into AWS Cloud: How Expel Detected a Sophisticated Red Team Attack (Featured Partner: Expel)
  • Hitting the Easy Button: Remediating Malware at Scale via Falcon’s Real Time Response API
  • How Falcon Logs Can Transform your XDR Game (Featured Partner: Hunters)
  • Hunting for the Insider Threat (Featured Partner: Micro Focus)
  • OverWatch in Action: Demystifying the Threat Hunting Process
  • Tales From the Crypt 2020: Case Studies in Ransomware
  • Through the Eyes of the Adversary: The Synthesis of Threat Intelligence and Threat Hunting Operations​
  • Uptown Splunk: Get Funky With Falcon Data
  • Solving the Offline Host Conundrum: Remediation with the RTR Queueing API
IT Operations
  • A Use Case for Containment: How One Company Uses the CrowdStrike API to Prevent Data Loss
  • Adapting Your IT Hygiene Program for Long-term Working Environment Changes
  • Bridging the Gap: Discovering Vulnerability Trends to Improve Host Security
  • Case Study: Covert Deployment of Security Tools with CrowdStrike Real Time Response (Featured Customer: Swagelok)
  • Falcon Platform APIs: How to Connect to, Leverage and Make the Most of It
  • Scripting the Falcon OAuth2 APIs with PowerShell: Overview of the PSFalcon Toolkit
  • Skeletons in the IT Closet: Red Team Quick Wins
  • When It Comes to Vulnerability Management: It’s Time to STOP and Reassess
Cloud, Container & Data Center Security
  • Building Security Best Practices with AWS and CrowdStrike (Featured Partner: Amazon Web Services)
  • Cracking Perimeters in an Evolving Landscape: A Red Team’s Perspective
  • Ransom in Amazon Web Services (AWS)
  • Securing Cloud Workloads
  • Securing Containers
  • See More, Know More, Do More with Cloud Security Posture Management
Hands On
Live Workshops

Introduction to the Falcon Platform: Follow clues left behind by a known adversary. This hands-on workshop enables you to experience various aspects of the CrowdStrike solution as you work to find the mysterious security gap.

Real Time Response: Cloud-driven System Management and Control: Get a glimpse into potential use cases using the powerful Real Time Response tool. You’ll run a series of commands on a test system to experience the potential of Real Time Response live.

Threat Hunting with CrowdStrike Falcon: See the power of CrowdStrike’s unparalleled event collection, visibility and threat intelligence. This hands-on workshop guides you through various threat hunting scenarios including event queries, IOC searches, PowerShell hunting and indicator graphing.

Hands-On Activities

Falcon Platform: Get access to the Falcon UI to explore different aspects of the CrowdStrike platform.

Endpoint Detection & Response: Leveraging the Falcon UI, use CrowdStrike’s extensive event database run queries and searches.

IT Operations: Employ the Falcon UI to discover CrowdStrike’s IT hygiene and vulnerability management capabilities.

Cloud Security: Leverage Falcon UI dashboards for cloud workload protection to focus on a cloud-provisioned environment.

Falcon Test Drive

Take Falcon for a spin!  You’ll be guided through various hands-on scenarios that demonstrate the CrowdStrike solution and user interface in action.


This invitation-only forum following the general session addresses the most critical issues C-suite decision makers are facing in these challenging times.

Executive Intelligence Briefing: State of Cybersecurity — Learn about the current threat landscape and latest trends in intelligence, nation-state threats and eCrime to stay ahead of today’s adversaries.

State of Security Panel: How Amazon and Ernst & Young Leverage Innovation to Make Informed Decisions — Hear how two global powerhouses built strong and resilient security strategies.

Mercedes-AMG & CrowdStrike: “Perfecting the Pivot: Building a Winning Culture in Challenging Times” — Join F1 racing champion Lewis Hamilton, Mercedes-AMG Petronas F1 Team CEO Toto Wolff, CrowdStrike CEO and GT3 race driver George Kurtz, and international sports broadcaster Danny Hornigold for a lively chat about building and maintaining world-class teams in the post-COVID era.

Pre- and Post-Event Training
Add-On Falcon Platform Training

In today’s elevated threat environment, it’s more important than ever to update your technical knowledge and learn new skills. Fal.Con 2020 is your ideal opportunity to advance your abilities and work toward becoming a CrowdStrike Certified Professional, including Falcon Hunter, Responder and Administrator.

CrowdStrike University is offering half- and full-day immersive technical training sessions before and after Fal.Con 2020. Seating is capped at 15 per course — register now to save your spot and get the skills you need to stay ahead of the adversary!

FHT 200: Falcon Platform for Administrators (Full Day)

FHT 201: Intermediate Falcon Platform for Responders (Full Day)*

FHT 202: Intermediate Falcon Platform for Hunters (Full Day)*

FHT 240: Investigating and Mitigating Threats with Falcon Insight Real Time Response (Full Day)

CST 205: Leveraging AutoMacTC for macOS Incident Response at Scale (Half Day)

*Prerequisites required. See registration site for details.