Press Release | Media on CrowdStrike

CrowdStrike Launches Open Source Falcon Orchestrator With Spring Platform Release

Offers Extendable Enhanced Workflow Automation and Executing Real-Time Security Forensics and Remediation Actions

Irvine, CA – May 25, 2016 – CrowdStrike Inc., a leader in cloud-delivered next-generation endpoint protection, threat intelligence and response services, today announced the availability of CrowdStrike Falcon™ Orchestrator, an open source tool built on CrowdStrike’s Falcon Connect APIs. The unveiling of Falcon Orchestrator is part of CrowdStrike’s Spring release of new solutions and services which also includes introducing an updated and expanded set of APIs for the CrowdStrike Falcon Platform along with next-generation antivirus features providing new ransomware protection capabilities. CrowdStrike is making Falcon Orchestrator available under an open source license, enabling the community to enhance it by leveraging the highly extensible APIs contained within the Falcon Connect program. With Falcon Orchestrator, customers can take advantage of powerful workflow automation and case management capabilities, as well as extendable wide range of security forensics and remediation actions which work in conjunction with and complement the capabilities of CrowdStrike Falcon Host.

Additional benefits of Falcon Orchestrator include:

  • Falcon Orchestrator delivers out-of-the box integrations to better enable CrowdStrike Falcon Host customers to enhance their next-generation endpoint protection capabilities, including, but not limited to, incident response, security forensics, remediation, asset monitoring, and alert management.
  • The open source licensing of Falcon Orchestrator allows customers, partners, and third-party developers to build and extend custom security workflows by leveraging the CrowdStrike Falcon Platform APIs.
  • Extendable Powershell-based security actions enable a wide range of features from file retrieval to user containment, as well as extensive forensics collection capabilities that augment and optimize existing workflows with CrowdStrike Falcon Host data and intelligence.

“By developing and releasing open source tools, CrowdStrike reinforces its commitment to give back to the security community and make it easier for customers and partners to take advantage of our experience, resources and extensibility of the Falcon platform to help them stop breaches in real-time,” said Dmitri Alperovitch, CrowdStrike’s co-founder and chief technology officer. “With Falcon Orchestrator, customers can instantly respond with custom forensics, containment and remediation actions to threats identified by the Falcon platform.”

“Rackspace applauds CrowdStrike’s commitment to open source with their release of the community Falcon Orchestrator tool,” said Brian Kelly, chief security officer of Rackspace. “Falcon Orchestrator empowers users to extend the CrowdStrike Falcon Platform and its Falcon Connect APIs in all kinds of very exciting ways. The wide variety of out-of-the-gate powerful features range from extensive enterprise workflow management features to customizable security actions.  This allows for highly flexible and rapid response to security incidents identified by CrowdStrike Falcon, and highlights the power of the CrowdStrike Falcon Platform and the tremendous benefits this technology brings to Rackspace and our customers.”

Supporting Content Resources:


About CrowdStrike

CrowdStrike is the leader in next-generation endpoint protection, threat intelligence and response services. CrowdStrike’s core technology, the CrowdStrike Falcon™ platform, stops breaches by preventing and responding to all types of attacks – both malware and malware-free. CrowdStrike has revolutionized endpoint protection by combining three crucial elements: next-generation AV, endpoint detection and response (EDR), and a 24/7 managed hunting service — all powered by intelligence and uniquely delivered via the cloud in a single integrated solution. Falcon uses the patent-pending CrowdStrike Threat Graph™ to analyze and correlate billions of events in real time, providing complete protection and five-second visibility across all endpoints. Many of the world’s largest organizations already put their trust in CrowdStrike, including three of the 10 largest global companies by revenue, five of the 10 largest financial institutions, three of the top 10 health care providers, and three of the top 10 energy companies. CrowdStrike Falcon is currently deployed in more than 170 countries.

We Stop Breaches. Learn more:

Follow us: Blog | Twitter

Media Contact
Cris Paden
CrowdStrike Inc.