Call a Specialist Today! 800-886-5369

CrowdStrike Falcon Spotlight
Fast, Effective Vulnerability Assessment

CrowdStrike Falcon SpotlightThe presence of vulnerabilities in applications and operating systems provides attackers with flaws they can exploit to compromise your systems. That’s why it’s critical that organizations detect and patch vulnerabilities quickly. However, it’s easier said than done — the large number of breaches that begin with the exploitation of a vulnerability proves it.

Scanless Instant Vulnerability Assessment

CrowdStrike Falcon Spotlight™ offers security teams a real-time assessment of vulnerability exposure on their endpoints that is always current. Falcon Spotlight’s native integration into the CrowdStrike Falcon platform enables customers to operate vulnerability assessment within a complete endpoint protection framework. Falcon Spotlight adds preparation and readiness to the unparalleled prevention, detection and response provided by the Falcon platform, resulting in a stronger security posture and unprecedented breach protection.

Key Benfits

Vulnerabilities Impact Organizations of all Sizes, Giving Rise to Three Common Issues:

  1. Scanning is slow and burdensome
    Legacy vulnerability scanners are dinosaurs; they are slow, hard to manage and can have a major impact on your environment. Scans can take days to deliver results, which may be obsolete as soon as they arrive.
  2. Vulnerability reports are unusable
    Legacy vulnerability scanners generate a mountain of results and lock them away in a silo. Access is funneled through unwieldy thousand-page reports. During incident response, timely information on security posture could cut minutes or hours from response time, but not if that information is locked away in a massive PDF on the other side of the planet.
  3. Vulnerability scans have blind spots
    Corporate assets are becoming increasingly fluid. With remote workers, virtualization and the cloud, assets are not always connected directly to the corporate network — which means assessments based on network scans will miss them.

It's time for a new approach

Falcon Vulnerability Management

  • Holistic Protection
    With Falcon Spotlight and the Falcon platform, you not only see your security gaps, you see which gaps your adversary is targeting. This arms you with powerful proactive protection to block advanced attacks
  • Simplicity
    Falcon Spotlight delivers information that is always up to date, putting it seamlessly into the hands of security analysts to help improve response time and reduce the effort needed to understand your security
  • Timely Knowledge On-Demand
    There are no scanners to deploy and manage and no new agents. Just turn on Falcon Spotlight and start seeing results. Spotlight sees it all, whether the endpoint is physical or virtual, on- or off-premises, or on-the-move.
  • Zero Impact
    CrowdStrike’s cloud-based architecture enables constant visibility into endpoint vulnerabilities without cumbersome and resource-intensive network or host scans.

Key Product Capabilities

Falcon Spotlight solves the challenges that plague traditional vulnerability assessment and management solutions by delivering the following benefits:

Scanless Integration with The Falcon Platform

  • Connects the dots
    Tight integration with other Falcon modules means you can quickly pivot between vulnerability information, incidents details and endpoint activities, not only in real time but also historically.
  • Prevent while you patch
    The Falcon platform mitigates the risk from vulnerabilities that cannot be patched quickly by preventing and detecting exploit attempts as well as post exploitation activities. This buys you precious time to patch your systems against future attacks.

No Scanners, No New Agents

  • Eliminate scanning
    Falcon Spotlight uses the Falcon agent to continuously monitor the vulnerability status of endpoints and stream data to the cloud, eliminating the need for scheduled scans while still providing complete visibility into vulnerabilities.
  • Visibility everywhere
    Spotlight monitors all endpoints via the Falcon sensor, whether on- or off-network, on-premises, off-premises or in the cloud and on both physical and virtual endpoints.
  • Zero impact on performance
    Vulnerability management is scan-less and vulnerabilities are identified in the cloud with no additional impact to endpoints or the network.

Frictionless Access to Vulnerability Data

  • Real-time dashboard and search
    Falcon Spotlight makes data easily available to security analysts through a series of intuitive dashboards and real-time search. Legacy solutions lock critical information up in silos and thousand-page reports. Spotlight unleashes this information in real time — when and where it’s needed.
  • Enhance existing vulnerability management solutions
    Falcon Spotlight adds deeper visibility and provides threat context, enabling security teams to see both the presence of a vulnerability and evidence of exploitation attempts in their environments.


  • Easy deployment
    As part of the Falcon platform, Falcon Spotlight does not require the installation of additional agents, management infrastructure or management consoles, making deployment easy and efficient.
  • Immediately operational
    Falcon Spotlight can be deployed instantly for unrivaled time-to-value. As soon as it is installed, it hits the ground running, monitoring and identifying vulnerabilities across your organization without requiring reboots, query writing, staging or complex configuration.
  • Seamless, cloud-based protection
    Leveraging CrowdStrike’s cloud-native architecture, Falcon Spotlight gives security teams the power to protect systems — whether those systems are on-premises, off-network or in a cloud environment.


Download the CrowdStrike Falcon Spotlight Datasheet (.PDF)