Falcon Forensics Data Sheet

Streamlining triage data collection and analysis

Falcon Forensics is CrowdStrike’s powerful triage data collection solution. It allows incident responders to react more quickly to investigations and conduct compromise assessments,
threat hunting and monitoring.

With CrowdStrike® Falcon Forensics, responders are able to streamline the collection of point-in-time and historic forensic triage data for robust analysis of cybersecurity incidents. Responders gain the ability to research and investigate incidents faster and with greater precision. Falcon Forensics leverages a dissolvable executable and the CrowdStrike cloud, which leaves a minimal trace on endpoints. Streamlined management via the Falcon Forensics console and dashboards makes triage fast and easy.


  • OS icon
  • deployment icon
  • installation icon

For technical information on installation, policy configuration and more, please visit the CrowdStrike Tech Center.

Visit the Tech Center