Miss a session at Fal.Con, or couldn’t join us in Las Vegas this year? Catch up with a curated selection of standout breakout sessions from Fal.Con 2025. Explore the ideas, insights, and real-world strategies that defined this year’s event, available on demand so you can learn at your own pace.
Fireside Chat with the National Cyber Director
Mike Sentonas and Sean Cairncross, National Cyber Director
AI as a Weapon: Hunting the Adversary of the Future
Adam Meyers, SVP of Counter Adversary Operations
Securing Tomorrow: The Architectural Foundation of the Agentic SOC
Elia Zaitsev, Chief Technology Officer
Innovating Through Resiliency: The Future of the Falcon Platform for Modern Endpoints
Alex Ionescu, Chief Technology Innovation Officer
AI-Powered Attacks: The New Threat Frontier
Explore how adversaries are weaponizing AI for autonomous campaigns, and learn concrete detection and defense strategies to stay ahead of AI-powered attacks using the Falcon platform.
CrowdStrike’s Vision for Securing the AI-Powered Enterprise
Explore CrowdStrike’s vision for securing the AI-powered enterprise—from code to cloud—using Falcon platform capabilities like AI red teaming and posture management to adopt AI safely and confidently.
An (Access) Path Well Trodden: Common TTPs in Linux Intrusions
Trace common TTPs in real Linux and Unix intrusions against service providers, and learn how to detect, investigate, and disrupt attackers as they repeatedly follow the same access paths.
Hunting at the Edge: Preempting a Domain Controller Takeover
Follow a real hunt that stopped a domain controller takeover in reconnaissance, and leave with practical techniques to turn weak identity and endpoint signals into early, decisive action.
Outpacing Adversaries with MDR: Delivering Value from Day One
See how Falcon Complete Next-Gen MDR stops real attacks in the first 30 days, and learn how MDR plus the Falcon platform and Charlotte AI slash time-to-value and harden your defenses.
AI Agents and Automation: Augmenting the SOC Analyst
See how Falcon Complete Next-Gen MDR uses AI agents, Charlotte AI and Falcon Fusion SOAR to augment analysts, automate investigation, and accelerate response across millions of endpoints.
1% Better Today: Small Steps, Big Security Gains
Learn a pragmatic, 1%-better-per-day approach from VyStar’s CISO to identify high-impact gaps, align strategy to operations, and build a security program that steadily matures without boiling the ocean.
Coordinating Cyber Crisis Response: The First 48 Hours
Learn how legal, insurance, and incident response leaders coordinate in the first 48 hours of a breach so you can make the right calls, contain impact, and meet regulatory and contractual obligations.
Save the Date for Fal.Con 2026
August 31-September 3 | Mandalay Bay Resort in Las Vegas
Inspired by what you see? Join us live next year at Fal.Con 2026, August 31–September 3 at Mandalay Bay. Experience hundreds of sessions, connect with thousands of security experts, and collaborate with more than 10,000 peers from around the world.
Crawl, Walk, Run: Master Falcon Fusion SOAR
Learn how to build and scale Falcon Fusion SOAR automations step by step, using real-world use cases and demos to reduce detection and response times at any stage of your security program.
Advanced SIEM Rules: From Concept to Creation with Copart
Build advanced, high-fidelity correlation rules in Falcon Next-Gen SIEM using real-world use cases, best practices, and expert tips to boost detection accuracy and performance.
AI-Powered Hunting: From Theory to Practice
Transform threat hunting with AI-driven workflows in the Falcon platform, turning weak signals into fast, scalable hunts that uncover real adversaries instead of burning analyst time.
Accelerate Security Investigations with Falcon for IT
See how incident responders use Falcon to perform fast, high-fidelity forensics at scale, validating indicators, reconstructing activity, and scoping threats without full disk collection.
Falcon for IT: Latest Innovations and Roadmap
Discover how Falcon for IT unifies endpoint visibility and automates routine actions so security teams can remediate issues at scale without juggling fragmented IT tools or workflows.
Beyond Event IDs: Modern Active Directory Attack Defense
Move beyond noisy domain controller logs with modern Active Directory defense that uses identity analytics and behavioral modeling to surface real attacks with less complexity and overhead.
Falcon Identity Protection: Innovations and Roadmap
Explore the latest Falcon Identity Protection innovations and roadmap to stop access brokers, secure hybrid identities, and reduce attacker lateral movement while easing team workload.
Analyzing Generative AI's Impact on Ransomware Evolution
Examine FunkSec, an AI-assisted Rust ransomware family, and learn what it reveals about how GenAI is shaping ransomware tactics, sophistication, and detection strategies.
EDR Evasion Exposed: The Reality Behind Bypasses
Cut through the hype on EDR bypasses with a candid look at real evasion techniques, how resilient defenses actually behave, and how to assess TTP-level risk and attacker cost.
Latest Innovations and Roadmap: Falcon Exposure Management
Get a first look at Falcon Exposure Management innovations that unify attack surface visibility, AI-based asset and risk insights, and automatic workflows to close exposures faster.
From Risk to Response: Best Practices for Operating Falcon Exposure Management
See how real teams run Falcon Exposure Management day to day, using SIEM integrations, EASM, and proven playbooks to triage faster and turn risk insights into concrete remediation.
AI Governance: A Roadmap to Reducing AI Risk
Learn how to build practical AI governance that balances innovation with risk, using clear policies, controls, and monitoring to keep your models, data, and cloud environment secure.
Automating Cloud Defense with Falcon Cloud Security, Charlotte AI, and Falcon Next-Gen SIEM
See how Falcon Cloud Security, Charlotte AI, and Falcon Next-Gen SIEM work together to automate cloud defense, unifying posture, runtime and identity signals to detect and remediate threats faster.
How to Hack a SaaS Platform with a Hoodie, a Keyboard, and $5
See how attackers can compromise SaaS platforms with cheap tools by abusing misconfigurations, SSO and OAuth flows, and learn how to spot the signals and harden your environment.
Phishing 2.0: The Hunt for Hidden Sessions in SaaS Platforms
Unpack modern adversary-in-the-middle phishing that steals SaaS sessions, see how real campaigns unfold in telemetry, and learn how to hunt, detect, and stop hidden account takeovers.
Advanced Falcon Sensor Deployments at Scale
Discover automation patterns and open-source tools for deploying Falcon sensors at scale across diverse environments using cloud-native services, configuration management, and Kubernetes frameworks.
Real-World Use Cases with Falcon Data Protection for Cloud
Get hands-on with Falcon Data Protection for Cloud, using eBPF-powered visibility, intuitive dashboards, and SOAR playbooks to tackle real cloud data risks like sensitive data exfiltration.
Real-World Data Exfiltration in Action and Out-of-the-Box Defense with Falcon Data Protection
Walk through real data exfiltration incidents and see how Falcon Data Protection delivers out-of-the-box policies and workflows to catch insider and external theft with minimal tuning.
Stay connected to what's coming next at Fal.Con 2026 in Las Vegas.