Falcon X: Automated Threat Intelligence
Supercharge your SOC and Incident Response teams with built-in adversary intelligence and get ahead of the attackers next move.
Try Falcon X for Free
Product Capabilities
CHOOSE THE OPTION THAT SUITS YOU BEST
-
Falcon X
Automatically investigate incidents and accelerate alert triage and response. Built into the Falcon Platform, it is operational in seconds.
-
Falcon X Premium
Premium adds threat intelligence reporting and research from CrowdStrike experts — enabling you to get ahead of nation-state, eCrime and hacktivist adversaries.
-
Falcon X Elite
Elite expands your team with access to an intelligence analyst to help defend against adversaries targeting your organization.
Falcon X | Falcon X Premium | Falcon X Elite | |
---|---|---|---|
Endpoint Integration
|
|||
AUTOMATED INVESTIGATIONS
|
|||
INDICATORS OF COMPROMISE (IOCs)
|
|||
INTELLIGENCE REPORTS
|
|||
TAILORED INTELLIGENCE
|
|||
SNORT/YARA RULES
|
|||
ASSIGNED INTEL ANALYST
|
|||
REQUESTS FOR INFORMATION
|
|||
PRIORITY INTELLIGENCE REQUIREMENTS
|
TECHNICAL FEATURES
How Does Falcon X Help?

AUTOMATED INVESTIGATIONS
- Bring endpoint protection to the next level by combining malware sandbox analysis, malware search and threat intelligence in a single solution
- Reduce the time and skills required to perform manual incident investigations
- Identify and investigate related threats and block similar attacks in the future

INDICATORS OF COMPROMISE (IOCs)
- Visualize relationships between IOCs and adversaries found on your endpoints protected by the Falcon Platform
- Hunt for threats with IOCs enriched with context
- Strengthen defenses with CrowdStrike's real-time global IOC feed
- Pre-built integrations and APIs enable you to orchestrate defenses with existing security solutions

ACTOR PROFILES
- Access 165+ profiles of nation-state, eCrime and hacktivist adversaries
- Identify adversaries focused on attacking your business, region, or industry
- Learn about your adversaries’ intent and capabilities and predict their next move

EXTEND ENDPOINT INTEGRATION
- Built into the CrowdStrike Falcon Platform, there is no integration, administration or deployment required
- Protected endpoints automatically forward all quarantined files to Falcon X for immediate investigation
- Streamline your workflow and pivot seamlessly into adversary insights from other CrowdStrike modules
TECHNICAL CENTER
For technical information on the product capabilities and features, please visit the CrowdStrike Tech Center.
Our Customers
CUSTOMERS THAT TRUST CROWDSTRIKE
See How CrowdStrike Stacks Up Against the Competition
CompareGET ANSWERS TO FREQUENTLY ASKED QUESTIONS
Falcon X FAQPURCHASE FALCON X AS PART OF A BUNDLE
CrowdStrike bundles are specifically tailored to meet a wide range of endpoint security needs
Explore the Bundles