Identity
Falcon Identity Protection is purpose-built to detect and stop attacks targeting this foundational enterprise directory
What is Active Directory
AIDR leverages AI-powered behavioral analysis to detect this specific risk where employees are actively using unsanctioned AI tools in the environment
What is Shadow AI
Falcon Complete provides this guarantee to customers a financial commitment that covers losses if a breach occurs while under the service, making it one of the strongest promises in the MDR industry
What is the Breach Prevention Warranty
This module module provides real-time, agent-based vulnerability management using the existing Falcon sensor already deployed on endpoints to continuously scan for CVEs and misconfigurations
What are Falcon Spotlight
Falcon Cloud Security provides native security coverage across these three major public cloud providers
What are Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP)
Falcon Identity Protection integrates with these third-party tools that ensure true identity verification via a pin or a push notification confirmation.
What is MFA
AIDR is designed to detect this emerging AI-specific attack technique where adversaries embed malicious instructions inside content fed to a corporate AI system manipulating the model.
What is Prompt Injection
Falcon Complete follows this industry framework for detection, investigation, and response
What is 1-10-60 framework
This module provides security hygiene visibility giving security teams a real-time view of all managed and unmanaged devices, user accounts, applications, and network connections
What is Falcon Discover
This Cloud Security capability continuously audits cloud environments for misconfigurations, insecure settings, and compliance violations across multi-cloud infrastructure.
What is Cloud Security Posture Management (CSPM)
According to CrowdStrike's threat intelligence research, this staggering percentage of modern cyberattacks now involve identity-based techniques
What is 80%
Falcon AIDR secures two distinct use cases within an organization regarding AI usage
What is employee AI usage (AI Workforce) or in house built/deployed internal AI agents (AI Agents)
These 5 modules including 2 human teams and 3 technology components make up the Falcon Complete for endpoint package
What is Falcon Prevent, Falcon Insight, Falcon Discovery, Falcon Overwatch, and Falcon Complete
This module continuously discovers internet-facing assets and unknown infrastructure from the attacker's perspective giving organizations an outside-in view of their external attack surface
What is Falcon Surface
FCS uses these findings to identify insecure cloud resources such as publicly exposed storage buckets, overly permissive security groups, and disabled logging settings across AWS, Azure, and GCP.
What are Indicators of Misconfiguration (IOMs)
Falcon Identity Protection provides visibility and risk scoring across these three specific account types found in enterprise Active Directory environments
What are End User Accounts, Third Party Accounts, and Service Accounts
Falcon AIDR defends against this sophisticated AI-specific attack where adversaries deliberately inject corrupted, biased, or malicious data into an AI model's training pipeline
What is AI Training Data Poisoning (Model Poisoning / Training Pipeline Corruption)?
Falcon Complete provides customers with this specific document a detailed breakdown that outlines the exact scope of remediation actions CrowdStrike analysts are authorized to take on a customer's behalf
What is Appendix B
FEM is built to discover this category of forgotten or unauthorized internet-facing infrastructure, or unmonitored hardware or software that IT and security teams may have no record of.
What is Shadow IT
This capability identifies excessive permissions across cloud identities and workloads addressing the risk that most cloud breaches stem from over-privileged accounts rather than malware.
What is Cloud Infrastructure Entitlement Management (CIEM)
Falcon Identity Protection cross-references enterprise account credentials against this well-known publicly available database to automatically flag any employee accounts whose passwords have been exposed in historical data breaches
What is Have I Been Pwned Database
Falcon AIDR discovers and maps relationships between these four specific entities within an organization's AI environment
What are Users, Prompts, Models, and Agents
Falcon Complete organizes its SOC analysts into these dedicated groups each assigned to a specific set of customer environments ensuring that the same experts who know a customer's environment are the ones responding to threats
What are Falcon Complete Fire Teams
This capability uses this type of scoring system to prioritize which vulnerabilities pose the greatest real-world risk based on active exploitation likelihood rather than just severity ratings alone.
What is ExPRT.AI
FCS protects this increasingly popular deployment unit, a lightweight, portable software package by scanning for vulnerabilities at build time and monitoring for malicious behavior at runtime.
What is a Container