Comparisec
Submit reviewFor vendors
Threat IntelligenceCrowdStrike Falcon Intelligence
StrongStrongStrongStrong
4.7

VendorsThreat IntelligenceCrowdStrike Falcon Intelligence

CrowdStrike Falcon Intelligence logo

CrowdStrike Falcon Intelligence

CrowdStrike

Founded 2011·US·Public
4.7

Combined score

G2
4.6100
Gartner
4.7150

Security incident on recordJuly 2024 — Falcon sensor update caused global outage affecting ~8.5M Windows devices

Editorial verdict

CrowdStrike Falcon Adversary Intelligence derives its unique value from the same source that makes CrowdStrike EDR valuable: real-time telemetry from 10 plus trillion security events processed daily across the global Falcon sensor network. When CrowdStrike documents an adversary technique, it is because that technique was observed in live attacks against Falcon-protected endpoints, not because it was described in a forum post. The Forrester Wave highest score in the Current Offering category for threat intelligence reflects this sensor-derived intelligence quality. For existing Falcon customers, the intelligence is embedded directly in detections and investigation workflows without requiring a separate platform or workflow.

The verdict: CrowdStrike Falcon Adversary Intelligence is right for CrowdStrike Falcon customers wanting threat intelligence natively embedded in endpoint detection and SIEM workflows with the strongest sensor-derived adversary context. Organisations without Falcon deployed should evaluate Recorded Future or Mandiant for comparable intelligence depth without the platform dependency.

Last reviewed: May 2026

G2

4.6100 reviews

Gartner

4.7150 reviews

PeerSpot

8.880 reviews
Gartner MQ: Leader (Gartner TI MQ 2024)

Threat Intelligence assessment

PROTECTIONStrong
Intelligence depth
5 / 5
Threat actor coverage
5 / 5
OPERATIONSStrong
Workflow integration
5 / 5
Feed freshness
5 / 5
ANALYTICSStrong
Attribution & analysis
5 / 5
TRUST & ECOSYSTEMStrong
Source quality & accuracy
5 / 5

Strongest: Intelligence depth

Watch out for: Source quality & accuracy

Strengths & limitations

Strengths

Adversary Intelligence — deepest named threat actor tracking (300+ adversaries profiled)
Native integration with Falcon platform removes need for separate TI connector
Elite team — former government intelligence analysts and top security researchers

Watch out for

Full value requires existing Falcon EDR/XDR investment
Standalone TI less competitive than Recorded Future for non-CrowdStrike shops
Premium pricing stacks on top of Falcon platform costs

Best for

CrowdStrike Falcon customers wanting native threat intelligence automatically enriching detections and investigations.

Not suitable for: Organisations not on CrowdStrike Falcon platform — standalone Falcon Intelligence is priced for existing customers.

Compliance coverage

Essential Eight
AU Privacy Act
SOC 2
HIPAA
NIST CSF
PCI-DSS
CMMC
GDPR
NIS2
DORA
ISO 27001
CIS Benchmarks

Switching intelligence

Switching from

Common migration paths based on review data

  • Open source IOC feeds
  • Basic threat feeds

Also considering

Vendors typically shortlisted alongside

Also in our database

CrowdStrike also appears in:

← Back to Threat IntelligenceCompare with other Threat Intelligence vendors →

Quick facts

Pricing modeladd-on to Falcon platform; annual subscription
Pricing range$15,000-200,000+/year depending on tier
Free trialNo
Min seatsNo minimum
Deployment time< 1 week
Complexity2 / 5
Pricing transparency2 / 5
AU presenceYes
IRAP assessedYes
Open sourceProprietary

Deployment

ModelsSaaS
OS supportCloud-native
CloudAWS, Azure, GCP
Support24/7 Phone, Email, Dedicated CSM
Data residencyUS, EU, AU

Company

CrowdStrike

Founded 2011 · 10,000+ employees · Public

HQ: US

$3.95B revenue FY2024

Certifications

FedRAMP High, SOC 2 Type II, ISO 27001, PCI-DSS, IRAP PROTECTED

Integrations

Falcon XDRFalcon SOARSplunkMicrosoft SentinelServiceNowMISP300+ integrations