CrowdStrike Falcon® Intelligence: Automated Threat Intelligence

Supercharge your SOC and Incident Response teams with built-in adversary intelligence and get ahead of the attackers next move.

“CrowdStrike is capable of catering to the diverse customer needs across industry verticals, with its comprehensive capabilities, compelling customer references, comprehensive roadmap and vision, cloud-native platform, and product suite with high scalability, have received strong ratings across technology excellence and customer impact.”

Falcon Intelligence tiers

Choose the option that suits you best


CrowdStrike Falcon® Intelligence

Automatically investigate incidents and accelerate alert triage and response. Built into the Falcon platform, it is operational in seconds.

falcon-intelligence-icon-premium 1 (1)

CrowdStrike Falcon® Intelligence Premium

Premium adds threat intelligence reporting and research from CrowdStrike experts — enabling you to get ahead of nation-state, eCrime and hacktivist adversaries.


CrowdStrike Falcon® Intelligence Elite

Elite expands your team with access to an intelligence analyst to help defend against adversaries targeting your organization.
*Requires Falcon Intelligence Premium

  • Endpoint Integrations tooltip
  • Automated Investigations tooltip
  • Indicators of Compromise (IOCs) tooltip
  • Intelligence reports tooltip
  • Tailored intelligence tooltip
  • SNORT/YARA rules tooltip
  • Assigned intel analyst tooltip
  • Requests for information tooltip
  • Priority intelligence requirements tooltip

Falcon Intelligence Premium

Falcon Intelligence Elite

How does Falcon Intelligence help?

Automated investigations

  • Bring endpoint protection to the next level by combining malware sandbox analysis, malware search and threat intelligence in a single solution
  • Reduce the time and skills required to perform manual incident investigations
  • Identify and investigate related threats and block similar attacks in the future
Falcon intel automated analysis

Indicators of Compromise (IOCs)

  • Visualize relationships between IOCs and adversaries found on your endpoints protected by the CrowdStrike Falcon® platform
  • Hunt for threats with IOCs enriched with context
  • Strengthen defenses with CrowdStrike's real-time global IOC feed
  • Pre-built integrations and APIs enable you to orchestrate defenses with existing security solutions
Falcon intel indicator graph

Actor profiles

  • Access 165+ profiles of nation-state, eCrime and hacktivist adversaries
  • Identify adversaries focused on attacking your business, region, or industry
  • Learn about your adversaries’ intent and capabilities and predict their next move
Mummy spider threat profile

Extended endpoint integration

  • Built into the CrowdStrike Falcon® platform, there is no integration, administration or deployment required
  • Protected endpoints automatically forward all quarantined files to Falcon Intelligence for immediate investigation
  • Streamline your workflow and pivot seamlessly into adversary insights from other CrowdStrike modules
Falcon Intelligence berserk bear detections