Falcon ‐ About - mluchettii/internship-portfolio GitHub Wiki

About

Falcon is CrowdStrike's cloud-based, holistic SIEM platform. It provides next-generation antivirus (NGAV), endpoint detection and response (EDR), cyber threat intelligence, and further capabilities that prevent all types of attacks. It is installed on endpoint devices as a lightweight sensor that consumes very few resources, and it is capable of replacing AV entirely, as well as a suite of other independent tools. Falcon can be installed on Windows, Linux, and macOS, as well as on mobile devices.

Endpoint Detection and Response (EDR)

EDR is one of Falcon's core capabilities. It is best described as a solution that records system-level behavior on each endpoint and applies a multitude of data analytics techniques to detect suspicious behavior. Falcon also provides contextual information, blocks malicious activity, and suggests remediation steps for affected systems.
