Threat Intelligence (Falcon X)

Falcon X is an automatic threat analysis platform module that integrates threat analysis (Falcon Sandbox) / malware database (Falcon MalQuery) / threat intelligence (Falcon Intelligence).

Discovered malware and suspicious files can be analyzed, and the results can be collated with CrowdStrike's threat intelligence, such as information about related malware and attackers.
We contribute to strengthening customer security by providing information on threats.

When a malware is detected, it can be treated as complete by blocking or quarantining, but it is not possible to confirm what kind of impact it may have if the malware actually infringes.
In addition, if there is no information on the existence of similar malware or the methods of attackers, there is a possibility of additional detections and impacts.

The use of threat intelligence is effective when obtaining information such as what kind of attacker uses what kind of malware, tools, and methods to cause what kind of impact.
By using threat intelligence to confirm the type of attack instead of leaving it as it is when a detection occurs, it is possible to strengthen your company's security measures.

(1) Analysis function

Box analysis of files detected and quarantined by CrowdStrike's NGAV capabilities, as well as other suspicious files.

Analysis results can be obtained as a report.

If the analysis result is malignant, you can download an IOC that can be used in other security products.

(2) Malware database

You can search for malware using CrowdStrike Holdings、Inc. 's intelligence and view information on similar malware.

(3) Threat intelligence on attackers

Information and reports on cyber attacker profiles and attack operations are available.