Sourced from the CrowdStrike Security Cloud and fully integrated into the Falcon platform, Falcon X is built for organizations struggling to respond to cybersecurity alerts and lack the time or expertise to get ahead of emerging threats. Falcon X helps you turn the tables on attackers by gaining knowledge about them before they attack. CrowdStrike Intelligence tracks more than 165 nation-state, eCrime and hacktivist adversaries and delivers profiles of each actor to your team so you can understand attackers’ motivation and proactively defend against their tactics, capabilities and tradecraft — the why, what and how of a potential attack.
If an adversary attempts a malware attack, Falcon X will automatically analyze the malware. The file is detonated in a safe and secure sandbox environment, and cross-referenced to massive databases in order to find related samples of that threat. Each step of this investigation is done for you, with no human intervention, and it takes just a few minutes. The results are integrated into other CrowdStrike modules, so for example, when you see Falcon Prevent stop malware from running, you can immediately pivot to the relevant threat intelligence to aid in your investigation or remediation. You can quickly discover whether an attack is one you will deal with just once, a commodity attack, or a targeted attack you can expect to persist over a longer period.
Falcon X delivers the critical intelligence you need, while eliminating the resource-draining complexity of incident investigations. Falcon X solves this problem by automating investigations, integrating threat intelligence and delivering customized and actionable indicators of compromise (IOCs), enabling organizations to implement proactive defenses.