
CrowdStrike Falcon Insight
Endpoint Detection & Response

Streaming the threat detection and response lifecycle with speed, automation and unrivaled visibility.

EDR Made Easy

Traditional endpoint security tools have blind spots, making them unable to see and stop advanced threats. CrowdStrike Falcon Insight™ solves this by delivering complete endpoint visibility across your organization.

Insight continuously monitors all endpoint activity and analyzes the data in real time to automatically identify threat activity, enabling it to both detect and prevent advanced threats as they happen. All endpoint activity is also streamed to the CrowdStrike Falcon platform so that security teams can rapidly investigate incidents, respond to alerts and proactively hunt for new threats.

Key Benefits

The Complete EDR Solution

Regardless of how advanced your defenses are, there’s a chance that attackers will do an “end run” on your security solution and slip through to gain access to your environment. Conventional defenses don’t know and can’t see when this happens, resulting in “silent failure.” When silent failure occurs, it can allow attackers to dwell in your environment for days, weeks or even months without raising an alarm. The solution lies in continuous and comprehensive visibility into what is happening on your endpoints in real time.

CrowdStrike Falcon Insight™ eliminates silent failure by providing the highest level of real-time monitoring capabilities that span across detection, response and forensics. This ensures nothing is missed, leaving attackers with no place to hide. Falcon Insight provides organizations with state-of-the-art endpoint detection and response (EDR), following an approach recommended by top analyst firms such as Gartner.

"Enterprises that know compromise is inevitable and are looking for endpoint-based approaches for advanced threat detection, investigation and response capabilities, should consider EDR solutions." — Neil MacDonald, VP Distinguished Analyst

Gartner scored CrowdStrike as "strong" in all endpoint detection & response use cases evaluated in a comparative assessment report called Comparison of Endpoint Detection and Response Technologies and Solutions, published in 2016.*

*Source: Gartner Comparison of Endpoint Detection and Response (EDR) Technologies and Solutions 2016 at (account required)

The Power to Prevent Silent Failure and Stop Breaches

Falcon Insight relies on CrowdStrike’s revolutionary cloud-delivery architecture, providing a communications fabric unlike any other. Using an advanced graph data model, CrowdStrike Threat Graph™ collects and inspects event information in real time to prevent and detect attacks on your endpoints. As part of the Falcon endpoint protection platform, Falcon Insight records all activities of interest on an endpoint for deeper inspection — on-the-fly and after-the-fact — allowing users to quickly detect, investigate and respond to attacks — even those that evade standard prevention measures.

Indicator of Attack (IOA) Behavioral Protection:
Automatic detection of IOAs to identify attacker behavior and stop attacks, with prioritized alerts sent to Falcon web management console — eliminating the need for time-consuming manual searches.
Real-Time Visibility:
Complete oversight of security-related endpoint activity, allowing you to “shoulder surf” adversary activities, even when they try to breach your environment.
Five-Second Search:
Discover and investigate current and historic endpoint activity — go back one second, one day or even one year of activity — all at your fingertips.
Insight and Intelligence:
Events can be contextualized by threat intelligence, providing details on the attributed adversary and any other information known about the attack.
Immediate Response:
Act against adversaries in real time to stop attacks before they become breaches. Powerful response actions allow you to contain and investigate compromised systems, eradicate threats with surgical precision and get back to business quickly.
Zero Impact on Endpoints:
A cloud-delivered SaaS solution, Falcon Insight deploys in seconds with near zero impact on endpoint performance - even when analyzing, searching and investigating.

Key Product Capabilities

Simplify Detection and Resolution

Gain Full-Spectrum Visibility in Real Time

Immediate Time-To-Value

