Endpoint Sensor: CrowdStrike Falcon

Falcon continuously collects endpoint activity and streams it to the cloud.

CrowdStrike Falcon gives organizations visibility into an extensive set of endpoint telemetry. The sensor collects and transmits the robust data set to Red Canary for additional analysis and signs of potential threats.

CrowdStrike Falcon is a leader in the EDR market. The sensor also comes with additional capabilities like NGAV and advanced reporting, all of which helps customers stop breaches. 

Learn More About CrowdStrike Falcon

Lightweight, Never Impacting Performance

CrowdStrike Falcon is an extremely lightweight agent (5MB).  It uses less than a percent of CPU, is invisible to end users, and does not impact productivity. 

Easily Deployed Using the Cloud

With zero hardware or additional software requirements, Falcon can be delivered and managed instantly via the Cloud. It hits the ground running, monitoring and recording on installation without requiring reboots or complex configuration.

Full-Spectrum Visibility

Falcon collects over 200 endpoint event types and related information, all of which can be easily accessed and queried for up to 90 days.

OS Coverage

Windows 7+, Windows Server 2008+, CentOS/RedHat 6.2+, Ubuntu 14.04+, and Mac OS X 10+.

Cloud and VDI

Red Canary monitors systems run in a VDI environment, thin client setup, or elastic compute environments such as AWS. Bake the sensor into your gold image and ensure systems are monitored the moment they come online.

Existing CrowdStrike customer?


A defense contractor closes critical gaps with Red Canary