CrowdStrike Falcon® Sandbox is an automated malware analysis solution that empowers security teams by overlaying comprehensive threat intelligence with the results of the world’s most powerful sandbox solution. This unique combination provides context, enabling analysts to better understand sophisticated malware attacks and tune their defenses. Falcon Sandbox performs deep analysis of evasive and unknown threats, enriches the results with threat intelligence, and delivers actionable indicators of compromise (IOCs). Falcon Sandbox enables cybersecurity teams of all skill levels to increase their understanding of the threats they face and use that knowledge to defend against future attacks.
What's new
Know them. Find them. Stop them.
Get a proactive, intelligence-driven defense
Threat intelligence and hunting. Powered by CrowdStrike.
Unified threat intelligence and hunting
Counter Adversary Operations delivers 24/7 threat hunting across all domains and automated investigation tools to outpace adversaries.
Make every security layer smarter
Integrate threat intelligence across your defenses for better and faster decisions.
All-domain threat hunting
CrowdStrike Falcon® Adversary OverWatch is the industry’s first and only 24/7 managed threat hunting service that proactively hunts adversaries across all attack surfaces. It leverages CrowdStrike first-party endpoint, identity, and cloud data, extended to available third-party Next-Gen SIEM data for a comprehensive picture. Powered by industry-leading threat intelligence and advanced AI, our experts never sleep to stop the breach.
×
![]()
×
![]()
Monitor your brand for fraud
See threats beyond your perimeter with real-time intelligence that uncovers domain impersonations, exposed credentials, and data leakage through customizable monitoring rules. We’re watching for any threat to your brand.
Know your adversary
CrowdStrike Falcon® Adversary Intelligence provides detailed profiles of 255+ adversaries, including nation-states, eCrime groups, and hacktivists. Each profile breaks down their methods, maps their tactics to the MITRE ATT&CK™ framework, and reveals the vulnerabilities they exploit.
×
![]()
×
![]()
Advanced malware and threat analysis
Seamlessly integrated into your security operations, our advanced sandbox automates file, email, and command line analysis within seconds. Triage faster and get essential context for informed next steps.
Industry-leading intelligence reports and analysis
CrowdStrike Falcon® Adversary Intelligence Premium delivers thousands of intelligence reports each year and empowers your team to reduce the attack surface, improve defenses, guide threat hunters and detection engineers, and update leadership on the most relevant threats to your business.
×
![]()
×
![]()
Instantly deploy prebuilt hunting and detection libraries
Reduce the workload of in-house security engineering teams by accessing regularly updated libraries of hunting queries and detection rules created and validated by CrowdStrike experts.
Forrester names CrowdStrike a “Leader” in The Forrester Wave™: External Threat Intelligence Service Providers, Q3 2023
CrowdStrike received the highest ranking of all vendors in the Current Offering category, with the highest score possible in 16 criteria, surpassing all other vendors evaluated in the report.
×
![]()
See why customers trust CrowdStrike
- Security Sales Manager
- IT Engineer
- Security Sales Manager
- System Engineer
Disrupt adversaries. Stop breaches.
Products and services to outpace threat actors.
Featured Resources
1 CrowdStrike BVA – CrowdStrike BVA numbers are projected estimates of average benefits based on recorded metrics provided by customers with 50 security team members and 6 analysts during pre-sale motions that compare the value of CrowdStrike with the customer’s incumbent solution. Actual realized value will depend on individual customer’s module deployment and environment.
Threat Intelligence FAQs
CrowdStrike Falcon® Sandbox FAQ
1 Calculated by multiplying the average number of alerts triaged by Charlotte AI by a 5-minute triage time per alert as estimated by the Falcon Complete team. Individual results may vary based on factors such as total alert volume.
2 Accuracy rating is a measure of Charlotte AI triage decisions that match the expert decisions from the CrowdStrike Falcon Complete Next-Gen MDR team.
3 Results based on a survey of Charlotte AI early adopters. Individual results may vary.
2 Accuracy rating is a measure of Charlotte AI triage decisions that match the expert decisions from the CrowdStrike Falcon Complete Next-Gen MDR team.
3 Results based on a survey of Charlotte AI early adopters. Individual results may vary.
