Falcon Security and IT operations
Threat intelligence software
Attack surface management software
System security software
Vulnerability management software
- Features
- Ease of use
- Ease of management
- Quality of support
- Affordability
- Market presence
Take the quiz to check if Falcon Security and IT operations and its alternatives fit your requirements.
$59.99 per device per year
Free Trial
Free version unavailable
Small
Medium
Large
-
What is Falcon Security and IT operations
Falcon Security and IT operations is an endpoint security and IT operations platform that combines device protection with visibility and response workflows. It is used by security operations and IT teams to monitor endpoints, investigate suspicious activity, and manage operational tasks such as asset visibility and remediation. The platform is delivered as a cloud-managed service with lightweight endpoint agents and integrates with common security and IT tooling.
Cloud-managed endpoint telemetry
The product centralizes endpoint telemetry and security events in a cloud console, which supports remote operations across distributed fleets. This model reduces reliance on on-premises management infrastructure and simplifies rollout across multiple sites. It also supports cross-endpoint investigations by correlating activity over time.
Security and IT ops alignment
The platform positions security monitoring alongside IT operations use cases such as asset visibility and remediation workflows. This can reduce tool sprawl for teams that otherwise use separate products for endpoint security and operational management. It also helps coordinate actions between SOC and IT when containment and recovery require endpoint changes.
Integrations and automation options
Falcon commonly integrates with SIEM, SOAR, ticketing, and identity tools to support alert routing and response workflows. These integrations help operationalize detections through case management and automated playbooks. This is important in environments where threat intelligence and vulnerability findings must translate into tracked remediation work.
Category scope can be unclear
The name and positioning span multiple domains (threat intelligence, attack surface management, vulnerability management, and endpoint security). Buyers may need to validate which capabilities are native versus delivered through add-on modules or integrations. This can complicate like-for-like comparisons during procurement.
Agent dependency on endpoints
Core capabilities typically rely on deploying and maintaining an endpoint agent. Highly locked-down devices, legacy operating systems, or unmanaged endpoints may have limited coverage. Agent health and version management can also become an operational requirement for accurate visibility.
External attack surface depth varies
Attack surface management and external threat intelligence capabilities can vary significantly by data sources, discovery methods, and enrichment. Organizations with heavy reliance on external digital risk monitoring may need to confirm coverage for domains, cloud assets, subsidiaries, and third-party exposures. Validation often requires proof-of-concept testing against known assets and historical incidents.
Plan & Pricing
| Plan | Price | Key features & notes |
|---|---|---|
| Falcon Go | $7.99 per device/month (billed monthly) or $59.99 per device/year (billed annually) | Entry-level "Security Essentials" bundle. Includes core protections (Next‑Gen Antivirus, Device Control, Mobile Device Protection, Firewall Management) and baseline EDR/threat intelligence capabilities as listed on the vendor pricing page; "Try free" available. |
| Falcon Pro | $14.99 per device/month (billed monthly) or $99.99 per device/year (billed annually) | Enhanced protection tier with additional EDR and firewall management capabilities over Go; "Try free" available. |
| Falcon Enterprise | $19.99 per device/month (billed monthly) or $184.99 per device/year (billed annually) | Advanced protection: continuous EDR, expanded threat intelligence & hunting, identity protection, IT hygiene, next‑gen SIEM capabilities; "Try free" available. |
| Falcon Complete (Next‑Gen MDR) | Contact sales / custom pricing | Fully managed MDR (24/7 expert‑led, AI‑accelerated MDR), additional add‑ons (e.g., Next‑Gen Identity Security, Next‑Gen SIEM), CrowdStrike Breach Prevention Warranty; pricing is by quote/contact sales. |
Notes: CrowdStrike advertises a 15‑day free trial ("Try for 15 days" / "Free — No credit card required") on its pricing page and offers monthly or annual billing with annual prices shown above. All prices shown are from CrowdStrike's official pricing pages and are in US dollars.
Seller details
CrowdStrike, Inc.
Austin, Texas, USA
2011
Public
https://www.crowdstrike.com/
https://x.com/CrowdStrike
https://www.linkedin.com/company/crowdstrike/
