CrowdStrike Falcon® Intelligence: Automated Threat Intelligence

Supercharge your SOC and Incident Response teams with built-in adversary intelligence and get ahead of the attackers next move.

Falcon Intelligence tiers

Choose the option that suits you best


CrowdStrike Falcon® Intelligence

Automatically investigate incidents and accelerate alert triage and response. Built into the Falcon platform, it is operational in seconds.

falcon-intelligence-icon-premium 1 (1)

CrowdStrike Falcon® Intelligence Premium

Premium adds threat intelligence reporting and research from CrowdStrike experts — enabling you to get ahead of nation-state, eCrime and hacktivist adversaries.


CrowdStrike Falcon® Intelligence Elite

Elite expands your team with access to an intelligence analyst to help defend against adversaries targeting your organization.
*Requires Falcon Intelligence Premium

  • Endpoint Integrations tooltip
  • Automated Investigations tooltip
  • Indicators of Compromise (IOCs) tooltip
  • Intelligence reports tooltip
  • Tailored intelligence tooltip
  • SNORT/YARA rules tooltip
  • Assigned intel analyst tooltip
  • Requests for information tooltip
  • Priority intelligence requirements tooltip

Falcon Intelligence Premium

Falcon Intelligence Elite

How does Falcon Intelligence help?

Automated investigations

  • Bring endpoint protection to the next level by combining malware sandbox analysis, malware search and threat intelligence in a single solution
  • Reduce the time and skills required to perform manual incident investigations
  • Identify and investigate related threats and block similar attacks in the future
Falcon intel automated analysis

Indicators of Compromise (IOCs)

  • Visualize relationships between IOCs and adversaries found on your endpoints protected by the CrowdStrike Falcon® platform
  • Hunt for threats with IOCs enriched with context
  • Strengthen defenses with CrowdStrike's real-time global IOC feed
  • Pre-built integrations and APIs enable you to orchestrate defenses with existing security solutions
Falcon intel indicator graph

Actor profiles

  • Access 165+ profiles of nation-state, eCrime and hacktivist adversaries
  • Identify adversaries focused on attacking your business, region, or industry
  • Learn about your adversaries’ intent and capabilities and predict their next move
Mummy spider threat profile

Extended endpoint integration

  • Built into the CrowdStrike Falcon® platform, there is no integration, administration or deployment required
  • Protected endpoints automatically forward all quarantined files to Falcon Intelligence for immediate investigation
  • Streamline your workflow and pivot seamlessly into adversary insights from other CrowdStrike modules
Falcon Intelligence berserk bear detections