CrowdStrike Falcon X
Automated Intelligence
Falcon X: Automated Threat Intelligence
Supercharge your SOC and Incident Response teams with built-in adversary intelligence and get ahead of the attacker's next move.
Making Predictive Security a Reality
For cyber protection teams that are struggling to respond to cybersecurity alerts and don’t have the time or expertise to get ahead of emerging threats, the CrowdStrike Falcon X™ solution delivers the critical intelligence you need, while eliminating the resource-draining complexity of incident investigations. Falcon X is the only solution to truly integrate threat intelligence into endpoint protection, automatically performing investigations, speeding response, and enabling security teams to move from a reactive to a predictive, proactive state.
With the unique cloud-native CrowdStrike Falcon platform as a foundation, cybersecurity teams can now automatically analyze malware found on endpoints, find related samples from the industry’s largest malware search engine, and enrich the results with customized threat intelligence. This closed-loop system provides security teams with custom indicators of compromise (IOCs) to share with their other security tools as well as intelligence reporting that tells the complete story of the attack. With a complete understanding of the attack, your team is empowered to respond faster and orchestrate proactive countermeasures across your organization.
Falcon X, with integrated threat intelligence, is the next step for endpoint protection. It takes antivirus and endpoint detection and response alerts to the next level by not only showing what happened on the endpoint, but also revealing the "who, why and how" behind the attack. Understanding the threat at this level is the key to getting ahead of future attacks and raising the cost to the adversary.
Falcon X enables customers of all sizes to better understand the threats they face and improves the efficacy of their other security investments with actionable and customized intelligence to defend against future attacks, making proactive security a reality.
Why Choose Falcon X?
Intelligence Automation
Automatically investigate all incidents and learn from the attacks in your environment. Threats are analyzed in minutes, not hours, empowering your team to outpace the adversary with smarter, faster responses.
Custom Indicators
Orchestrate defenses with custom indicators of compromise (IOCs) generated by threats from your endpoints, allowing you to proactively defend against future attacks.
CrowdStrike Expertise
Get ahead of adversaries with groundbreaking intelligence provided by CrowdStrike’s elite team of threat analysts, security researchers, cultural experts and linguists.
Service Offerings
Gartner states, "by 2021, endpoint protection platforms (EPPs) will provide automated, orchestrated incident investigation and breach response." CrowdStrike is making this prediction a reality by offering the first fully integrated threat intelligence and endpoint protection platform.
Falcon X automates the threat analysis process and delivers actionable intelligence and custom IOCs specifically tailored for the threats encountered on your endpoints. With this level of automation, you can stop picking and choosing which threats to analyze and start analyzing all threats.
Falcon X combines the tools used by world-class cyber threat investigators into a seamless solution and performs the investigations automatically. The integrated tool set includes malware analysis and malware search, and is enriched with threat intelligence. Falcon X enables all teams, regardless of size or sophistication, to understand better, respond faster and proactively get ahead of the attacker’s next move.
Automated Investigations
- Bring endpoint protection to the next level by combining malware sandbox analysis, malware search and threat intelligence in a single solution
- Reduce the time and skills required to perform manual incident investigations
- Identify and investigate related threats and block similar attacks in the future
Indicators of Compromise (IOCs)
- Visualize relationships between IOCs and adversaries found on your endpoints protected by the Falcon Platform
- Hunt for threats with IOCs enriched with context
- Strengthen defenses with CrowdStrike's real-time global IOC feed
- Pre-built integrations and APIs enable you to orchestrate defenses with existing security solutions
Actor Profiles
- Access 165+ profiles of nation-state, eCrime and hacktivist adversaries
- Identify adversaries focused on attacking your business, region, or industry
- Learn about your adversaries’ intent and capabilities and predict their next move
Extend Endpoint Integration
- Built into the Falcon Platform, it requires no integration, administration or deployment
- Protected endpoints automatically forward all quarantined files to Falcon X for immediate investigation
- Streamline your workflow and pivot seamlessly into adversary insights from other CrowdStrike modules
Falcon X Capabilities
Choose the option that suits you best
Falcon X
Automatically investigate incidents and accelerate alert triage and response. Built into the Falcon Platform, it is operational in seconds.
Falcon X Premium
Premium adds threat intelligence reporting and research from CrowdStrike experts - enabling you to get ahead of nation-state, eCrime and hacktivist adversaries.
Falcon X Elite
Elite expands your team with access to an intelligence analyst to help defend against adversaries targeting your organization.
| | Falcon X | Falcon X Premium | Falcon X Elite |
|---|---|---|---|
| Endpoint Integration: As part of the CrowdStrike Falcon platform, there is nothing new to install, deploy or manage. Falcon detections are enriched with threat intelligence on Day One. | | | |
| Automated Investigations: Falcon X automates malware analysis and malware search, reducing the time and skills required for incident investigations. | | | |
| Indicators of Compromise (IOCs): Falcon X delivers IOCs derived from malware found on your endpoints and provides access to the global CrowdStrike IOC feed. | | | |
| Intelligence Reports: CrowdStrike Intelligence reports expose malicious actors, tools and methods. Reports include daily alerts, in-depth research and strategic insights for cybersecurity leadership. | | | |
| Tailored Intelligence: Monitor social media, paste sites, DDoS attacks and botnets for activity against your organization, brand, infrastructure or employees. | | | |
| SNORT/YARA Rules: Orchestrate defenses with YARA and SNORT rules created and validated by CrowdStrike Intelligence experts. | | | |
| Assigned Intel Analyst: Gain direct access to an assigned CrowdStrike Intelligence expert for up to four named contacts. | | | |
| Requests for Information: A CrowdStrike Intelligence expert conducts threat research on your behalf and provides a custom intelligence report. | | | |
| Priority Intelligence Requirements: PIRs help align your intel activities with company strategy. CrowdStrike collects your PIRs and proactively notifies you if activity against your PIRs is observed. | | | |