CrowdStrike Falcon® Intelligence
The world’s leading AI-native platform for automated threat intelligence

Get ahead of the attacker’s next move with built-in, world-class adversary intelligence.

See Falcon Intelligence in action

You don’t have a malware problem — you have an adversary problem. The more you know about your attacker, the better you can protect your business. Watch how Falcon Intelligence detects, disrupts and stops today’s sophisticated adversaries.

Falcon Intelligence tiers

Choose the option that suits you best

falcon-intelligence-icon-red

CrowdStrike Falcon Intelligence

Automatically investigate incidents and accelerate alert triage and response. Built into the Falcon platform, it is operational in seconds.

falcon-intelligence-icon-premium 1 (1)

CrowdStrike Falcon® Intelligence Premium

Premium adds threat intelligence reporting and research from CrowdStrike experts — enabling you to get ahead of nation-state, eCrime and hacktivist adversaries.

falcon-intelligence-elite-icon

CrowdStrike Falcon® Intelligence Elite

Elite expands your team with access to an intelligence analyst to help defend against adversaries targeting your organization.
*Requires Falcon Intelligence Premium

  • Endpoint Integrations tooltip
  • Automated Investigations tooltip
  • Indicators of Compromise (IOCs) tooltip
  • Intelligence reports tooltip
  • Tailored intelligence tooltip
  • SNORT/YARA rules tooltip
  • Assigned intel analyst tooltip
  • Requests for information tooltip
  • Priority intelligence requirements tooltip

Falcon Intelligence Premium

Falcon Intelligence Elite

How does Falcon Intelligence help?
Automated investigations
  • Bring endpoint protection to the next level by combining malware sandbox analysis, malware search and threat intelligence in a single solution
  • Reduce the time and skills required to perform manual incident investigations
  • Identify and investigate related threats and block similar attacks in the future
Falcon intel automated analysis
Indicators of Compromise (IOCs)
  • Visualize relationships between IOCs and adversaries found on your endpoints protected by the CrowdStrike Falcon® platform
  • Hunt for threats with IOCs enriched with context
  • Strengthen defenses with CrowdStrike's real-time global IOC feed
  • Pre-built integrations and APIs enable you to orchestrate defenses with existing security solutions
Falcon intel indicator graph
Actor profiles
  • Access 165+ profiles of nation-state, eCrime and hacktivist adversaries
  • Identify adversaries focused on attacking your business, region, or industry
  • Learn about your adversaries’ intent and capabilities and predict their next move
Mummy spider threat profile
Extended endpoint integration
  • Built into the CrowdStrike Falcon® platform, there is no integration, administration or deployment required
  • Protected endpoints automatically forward all quarantined files to Falcon Intelligence for immediate investigation
  • Streamline your workflow and pivot seamlessly into adversary insights from other CrowdStrike modules
Falcon Intelligence berserk bear detections
CrowdStrike Counter Adversary Operations

CrowdStrike is proud to announce the launch of Counter Adversary Operations, a newly formed, first-of-its kind security team that brings together CrowdStrike Falcon Intelligence and the CrowdStrike® Falcon OverWatch℠ threat hunting team to form one unit with one mission: To stop breaches and raise the adversaries’ cost of doing business.