CrowdStrike Falcon

Unified endpoint protection platform
Our rating: 4.5 out of 5 stars

CrowdStrike Falcon Product Overview

  1. About CrowdStrike Falcon
  2. Pros of CrowdStrike Falcon
  3. Cons of CrowdStrike Falcon
  4. Breakdown of core features

CrowdStrike Falcon product overview

Falcon from CrowdStrike is an endpoint protection platform purpose-built to stop breaches with cloud-delivered technologies that prevent all types of attacks, including malware. It responds to security challenges with a solution that combines next-generation antivirus (NGAV), endpoint detection and response (EDR), cyber threat intelligence, managed threat hunting capabilities, and security hygiene.

Falcon leverages real-time indicators of attack, threat intelligence, evolving adversary tradecraft, and enriched telemetry from across the enterprise. It delivers accurate detections, automated protection and remediation, elite threat hunting, and prioritized observability of vulnerabilities.

With a single lightweight-agent architecture, Falcon enables customers to benefit from rapid and scalable deployment, reliable protection and performance, reduced complexity, and immediate time-to-value. The platform is highly modular and extensible, ensuring that customers can solve new security challenges with a single click — without the need to re-architect or re-engineer the solution.

Pros of CrowdStrike Falcon

  • Falcon harnesses the power of big data and artificial intelligence to empower teams with instant visibility.
  • The platform is cloud-native, eliminating complexity and simplifying deployment to drive down operational costs.

Cons of CrowdStrike Falcon

  • It doesn’t support legacy operating systems.

Breakdown of core features

Endpoint detection and response (EDR)

Falcon continuously monitors all endpoint activity and analyzes the data in real time to automatically identify threat activity. It detects and prevents advanced threats as they happen. Moreover, it streams all endpoint activities to the system so that security teams can rapidly investigate incidents, respond to alerts, and proactively hunt for new threats.

Extended detection and response (XDR)

Falcon XDR extends EDR capabilities and delivers multi-domain detection and orchestrated response. It improves threat visibility across the enterprise, accelerates security operations, and minimizes risk. Additionally, it seamlessly adds third-party telemetry from a wide range of security solutions to a threat-centric data fabric, powering the next generation of detection, protection, and elite threat hunting to stop breaches faster.

MITRE ATT&CK® mapping

The software maps alerts to the MITRE ATT&CK® framework, allowing users to understand even the most complex detections at a glance, decreasing the time required to triage alerts and accelerating prioritization and remediation. In addition, the intuitive UI enables teams to pivot quickly and search across the entire organization within seconds.

Device control

The Device Control feature ensures the safe utilization of USB devices across the organization. It merges visibility and granular control, enabling administrators to ensure that employees use only approved devices. When used with Falcon EDR, visibility is enhanced, adding searchable history and logs of USB device usage, including files written to devices. This feature does not require additional endpoint software installation or hardware to manage.

(Last updated on 02/11/2022 by Liz Laurente-Ticong)

Quick Facts

  • Industry Specialties
    All Industries
  • Pricing
  • Works Best For
    Any Sized Businesses





  • Next Generation Antivirus (NGAV)
  • Endpoint Detection and Response (EDR)
  • USB Device Control
  • Host Firewall Control
  • Mobile Endpoint Detection and Response
  • Forensic Data Analysis
  • Managed Threat Hunting
  • Security Hygiene
  • Vulnerability Management
  • Threat Intelligence
  • Malware Search Engine
  • Automated Malware Analysis
  • Identity Threat Protection (ITD)
  • Zero Trust


  • Proofpoint
  • ServiceNow
  • Okta
  • Netskope
  • Mimecast
  • Zscaler
  • Google Cloud
  • Amazon Web Services
  • Cloudflare for Teams
  • Medigate Device Security Platform
  • Claroty
  • Exabeam
  • Splunk
  • Sumo Logic Cloud SIEM
  • IBM Security

Pricing Model

  • Falcon Pro
  • Falcon Enterprise
  • Falcon Premium
  • Falcon Complete


  • English
  • Japanese