CrowdStrike Falcon® Forensics

Streamline forensic data collection and analysis

Quickly conduct large-scale investigations across your organization.

Reduce complexity, simplify forensics

Automate point-in-time and historic forensic data collection across your endpoint fleet.

Unified platform for investigations

Maximize efficiency with integrated threat intelligence, adding rich context to forensics data.

Maximize your investment with diverse use cases

Threat hunting capabilities, periodic compromise assessments, asset risk analysis, and more.

Extended visibility

Intuitive dashboards surface activities and trends across historical and real-time data, revealing misconfigurations and artifact insights along a visual timeline.

Simplify workflows

Automate data collection, enrichment and correlation with threat intelligence, further enhancing and accelerating investigation workflows for analysts of all skill levels.

Streamlined data collection

Wide-aperture collection supports investigations across varying data types and across Windows, macOS, and Linux operating systems.

Featured resources

Data Sheet

Falcon Forensic

Article

Digital Forensics and Incident Response

Article

Compromise Assessments Explained

Video

Falcon Real-Time Response Demo

Report

Gartner® Magic Quadrant™ for Endpoint Protection Platforms

FAQ

Supported Operating System Versions

 
