CrowdStrike is present in 20 markets with 20 products. CrowdStrike has 6328 reviews with an overall average rating of 4.7.
Application Security Posture Management (ASPM) Tools
Application security posture management (ASPM) tools continuously manage application risk through collection, analysis and prioritization of security issues from across the software life cycle. They ingest data from multiple sources, maintain an inventory of all software within an organization, correlate and analyze findings for easier interpretation, triage and remediation. They enable the enforcement of security policies and facilitate the remediation of security issues while offering a comprehensive view of risk across applications.
CrowdStrike has 1 product in Application Security Posture Management (ASPM) Tools market
Cloud Security Posture Management Tools
Cloud security posture management tools help in the identification and remediation of risks across cloud infrastructures, including Infrastructure as a Service (IaaS), Software as a Service (SaaS), and Platform as a Service (PaaS). These tools continuously assess the security posture across multi-cloud environments by maintaining a current inventory of the cloud assets for proactive analysis and risk assessment to detect any misconfigurations. Once these misconfigurations are identified, security controls are developed and implemented. CSPM solutions also integrate with DevOps tools, streamlining the incident response process and ensuring continuous compliance with regulatory requirements and security frameworks by providing visibility of the cloud environment’s security posture.
CrowdStrike has 1 product in Cloud Security Posture Management Tools market
Cloud-Native Application Protection Platforms
Cloud-native application protection platforms (CNAPPs) are a unified and tightly integrated set of security and compliance capabilities, designed to protect cloud-native infrastructure and applications. CNAPPs incorporate an integrated set of proactive and reactive security capabilities, including artifact scanning, security guardrails, configuration and compliance management, risk detection and prioritization, and behavioral analytics, providing visibility, governance and control from code creation to production runtime. CNAPP solutions use a combination of API integrations with leading cloud platform providers, continuous integration/continuous development (CI/CD) pipeline integrations, and agent and agentless workload integration to offer combined development and runtime security coverage.
CrowdStrike has 1 product in Cloud-Native Application Protection Platforms market
Data Loss Prevention
Gartner defines data loss prevention (DLP) as a technical control designed to prevent data loss in order to comply with personal data regulations, prevent unintended disclosure, minimize insider risk and ensure that sensitive data is not overly accessible. DLP controls are typically applied to reduce the data risk for two states of unstructured data: data at rest and data in motion. Depending on the state of the data, DLP applies detective, preventive or corrective controls, including alerting, quarantining, blocking, redaction or access restriction.
CrowdStrike has 1 product in Data Loss Prevention market
Data Security Posture Management
Data security posture management (DSPM) discovers previously unknown data across on-premises data centers and cloud service providers (CSPs). It also helps categorize and classify previously unknown and discovered unstructured and structured data. As data rapidly proliferates, DSPM assesses who has access to it to determine its security posture and exposure to privacy, security and AI-usage-related risks. DSPM is delivered as software or as a service.
CrowdStrike has 1 product in Data Security Posture Management market
Digital Forensics and Incident Response Retainer Services
Digital forensics and incident response (DFIR) retainer services help organizations assess and manage the impact of a security incident. Digital forensics (DF) services assist with forensic response, aid in forensic information gathering and advise on proactive best practices for avoiding a breach. Incident response (IR) services assist with breach investigation, triage and impact classification. These capabilities are delivered as professional services, supported by technology services from the same provider.
CrowdStrike has 1 product in Digital Forensics and Incident Response Retainer Services market
Endpoint Protection Platforms (Transitioning to Endpoint Protection)
Gartner defines an endpoint protection platform (EPP) as security software designed to protect managed endpoints — including desktop PCs, laptop PCs, virtual desktops, mobile devices and, in some cases, servers — against known and unknown malicious attacks. EPPs provide capabilities for security teams to investigate and remediate incidents that evade prevention controls. EPP products are delivered as software agents, deployed to endpoints, and connected to centralized security analytics and management consoles. EPPs provide a defensive security control to protect end-user endpoints against known and unknown malware infections and file-less attacks using a combination of security techniques (such as static and behavioral analysis) and attack surface reduction capabilities (such as device control, host firewall management and application control). EPP prevention and protection capabilities are deployed as a part of a defense-in-depth strategy to help reduce the endpoint attack surface and minimize the risk of compromise. EPP detection and response capabilities are used to uncover, investigate and respond to endpoint threats that evade security protection, often as a part of broader threat detection, investigation and response (TDIR) capable products.
CrowdStrike has 1 product in Endpoint Protection Platforms (Transitioning to Endpoint Protection) market
Exposure Assessment Platforms
Exposure assessment platforms (EAPs) continuously identify and prioritize exposures, such as vulnerabilities and misconfigurations, across a broad range of asset classes. They natively deliver or integrate with discovery capabilities, such as assessment tools, that enumerate exposures, like vulnerabilities and configuration issues, to increase visibility. EAPs use techniques like threat intelligence (TI) to analyze an organization’s attack surfaces and weaknesses, and prioritize treatment efforts for high-risk exposures by incorporating threat landscape, business and existing security control context. Through prioritized visualizations and treatment recommendations, EAPs help provide direction for mobilization, identifying the various teams involved in mitigation and remediation. EAPs are primarily delivered as self-hosted software or as a cloud service, and may use agents for exposure information collection.
CrowdStrike has 1 product in Exposure Assessment Platforms market
Extended Detection and Response
Extended detection and response (XDR) delivers security incident detection and automated response capabilities for security infrastructure. XDR integrates threat intelligence and telemetry data from multiple sources with security analytics to provide contextualization and correlation of security alerts. XDR must include native sensors, and can be delivered on-premises or as a SaaS offering. Typically, it is deployed by organizations with smaller security teams.
CrowdStrike has 1 product in Extended Detection and Response market
External Attack Surface Management
External Attack Surface Management (EASM) market refers to solutions that continuously discover, inventory, and monitor an organization’s internet‑facing digital assets from an attacker’s perspective. These platforms identify unknown or unmanaged assets, exposed services, misconfigurations, and vulnerabilities across cloud, SaaS, on‑premises, and third‑party environments. EASM solutions contextualize external exposures with risk scoring, threat intelligence, and business relevance to help organizations prioritize remediation efforts. The market exists to help cybersecurity teams proactively reduce exposure by maintaining visibility of their internet-facing assets. Who are the target users of External Attack Surface Management (EASM) Software? Typical users include cybersecurity teams, vulnerability management professionals, risk managers, and IT security leaders in organizations of all sizes. EASM solutions are especially valuable for enterprises with complex, distributed environments, frequent cloud adoption, or multiple subsidiaries and third-party relationships. Executives responsible for organizational risk and compliance also benefit from the enhanced visibility and reporting capabilities these platforms provide. What are the core capabilities of External Attack Surface Management (EASM) Software? Asset Discovery and Inventory: Identification of internet‑facing infrastructure (e.g., domains, subdomains, IPs, cloud assets, SaaS, APIs, certificates, shadow IT) Asset Attribution & Ownership Mapping Technology Fingerprinting (e.g., frameworks, CMS, web servers, open‑source components) Third‑Party and Subsidiary Mapping Continuous Monitoring & Change Detection: Change Detection (new services, DNS changes, IP reassignments, open ports) Asset Lifecycle Tracking (new, modified, decommissioned assets) Certificate Monitoring (expiration, weak cryptography, unauthorized issuance) Exposure & Vulnerability Identification: Open Port and Service Enumeration Configuration and Security Misconfiguration Detection Known Vulnerability Mapping (CVE/CWE) Insecure Protocol and Cipher Detection Unprotected Cloud Storage & APIs Expired or Weak Certificates Exposed Secrets (tokens, API keys) Risk Prioritization & Contextual Analysis Risk Scoring (asset‑level and organization‑level) Business Context Mapping (e.g., production vs dev, internet‑facing criticality) Exploitability Context Attack Path Visualization Integration with Threat Intelligence Feeds Attacker‑View Asset Mapping Known Attacker Techniques mapping (MITRE ATT&CK alignment) Remediation & Workflow Enablement Remediation Guidance (e.g., automated attack surface reduction suggestions) Integration with Ticketing Systems (e.g., ServiceNow, Jira) Security Tool Integrations (e.g., SIEM, SOAR, vulnerability scanners) Ownership Assignment & SLA Tracking Evidence and Verification of Fixes Reporting & Visualization Executive Dashboards Technical Analyst Views Asset and Risk Heatmaps Exposure Trends Over Time Custom Report Builder What are the benefits of External Attack Surface Management (EASM) Software? EASM software helps organizations proactively reduce their cyber risk by maintaining comprehensive visibility of all internet-facing assets and exposures. Security teams benefit from automated discovery, prioritized remediation, and streamlined workflows, enabling faster and more effective risk reduction. Executives and risk leaders gain confidence through real-time dashboards, trend analysis, and clear evidence of remediation, supporting stronger governance, compliance, and organizational resilience against external threats.
CrowdStrike has 1 product in External Attack Surface Management market
IT Security
IT Security refers to products and services that protect digital systems and data from cyber threats and unauthorized access. This category includes markets that focus on network security, identity management, data protection, and cloud security, enabling organizations to reduce risk, ensure compliance, and operate securely in a digital world.
CrowdStrike has 1 product in IT Security market
Identity Threat Detection and Response (ITDR)
Identity Threat Detection and Response (ITDR) encompasses a suite of security practices and technologies dedicated to detecting, investigating, and responding to threats that target digital identities within an organization. As identity-related attacks such as compromised credentials, privilege escalation, and unauthorized access become increasingly common, ITDR solutions play a pivotal role in safeguarding sensitive systems and data. These solutions work by continuously monitoring identity activities, analyzing behavioral patterns, and identifying anomalies that may signal malicious intent. When a threat is detected, ITDR tools empower security teams to respond rapidly through measures like isolating affected accounts, enforcing multi-factor authentication, or triggering automated remediation workflows. In an era where digital identities are a primary attack vector, ITDR is essential for strengthening an organization’s overall security posture. Who are the target users of Identity Threat Detection and Response (ITDR) solutions? Primary users of ITDR solutions include security operations teams, IT administrators, and identity and access management (IAM) professionals within organizations of all sizes. Chief Information Security Officers (CISOs), compliance managers, and risk management teams also rely on ITDR to ensure regulatory compliance and reduce the risk of data breaches. These solutions are especially critical for, remote workforces, or heightened regulatory requirements. What are the core capabilities of Identity Threat Detection and Response (ITDR) solutions? Anomaly-Based Threat Detection: Tracks identity behavior to detect unusual patterns like odd login times or access spikes that may signal compromised accounts or insider threats. Real-Time Alerting: Delivers instant notifications when identity-related risks are detected, helping security teams act before damage occurs. Automated Threat Response: Takes immediate action such as locking accounts or triggering MFA to contain threats without waiting for manual intervention. What are the benefits of Identity Threat Detection and Response (ITDR) solutions? ITDR solutions help organizations proactively defend against identity-based attacks, reducing the risk of data breaches and operational disruptions. Security teams benefit from faster threat detection and response, improved visibility into identity-related risks, and reduced manual workloads through automation. Executives and compliance leaders gain confidence in their organization’s ability to meet regulatory requirements and protect sensitive information, ultimately enhancing the organization’s reputation and resilience against evolving cyber threats.
CrowdStrike has 1 product in Identity Threat Detection and Response (ITDR) market
Managed Detection and Response
Gartner defines managed detection and response (MDR) services as those that provide customers with remotely delivered security operations center (SOC) functions. These functions allow organizations to perform rapid detection, analysis, investigation and response through threat disruption and containment. They offer a turnkey experience, using a predefined technology stack that commonly covers endpoints, networks, logs and cloud. Telemetry is analyzed within a provider’s platform using a range of techniques. The MDR provider’s analyst team then performs threat hunting and incident management to deliver recommended actions to their clients. MDR offers outcome-driven security incident management that is predicated on the detection, analysis and investigation of potentially impactful security events and the delivery of active threat disruption and containment actions to respond to and mitigate the impact of cyber breaches.
CrowdStrike has 1 product in Managed Detection and Response market
Mobile Threat Defense (Transitioning to Workspace Security Platforms)
Mobile threat defense (MTD) products protect organizations from malicious threats on iOS and Android devices, at the device, network and application levels. To successfully attack a mobile device, mobile malware must circumvent the controls built into mobile OSs, such as those for app store curation and native mobile OS hardening. MTD products tend to focus on preventing and detecting anomalous behavior by collecting and analyzing indicators of compromise, as well as expected behavior. MTD products gather threat intelligence from the devices they support, as well as from external sources, and use an analysis engine that resides in the cloud, on-premises or on an MTD app installed on devices.
CrowdStrike has 1 product in Mobile Threat Defense (Transitioning to Workspace Security Platforms) market
Removable Media Security
Removable media security refers to set of policies, technologies and best practices to protect data and systems from the risk associated with portable storage devices. These devices, known as removable media, include USB flash drives, External hard drives (HDDs), solid-state drives (SSDs), memory cards, smartphones and tablets etc. Removable media security prevents data breaches and malware infections by controlling and monitoring the use of USB drives, external disks, and other portable devices within an organization. This proactive protection helps maintain regulatory compliance, offers peace of mind through detailed audit trails, and reduces the risk of costly downtime or data loss due to unsafe media usage. This security framework includes access restrictions, mandatory encryption, malware scanning, and ongoing user education to prevent costly breaches or compliance violations. In enterprise settings, it is crucial for employees, IT staff, contractors, and vendors who routinely transfer, back up, or share sensitive business data using removable devices. These users are required to comply with security protocols to keep corporate networks and confidential information safe. Typical features include data encryption, device control and malware scanning.
CrowdStrike has 1 product in Removable Media Security market
Security Consulting Services, Worldwide
Security consulting firms are advisory and consulting services (see 'Definition: Cybersecurity' ) related to information and IT security design, evaluation and recommendations. These services are procured by various stakeholders in an organization, including boards of directors, CEOs, chief risk officers (CROs), chief information security officers (CISOs), chief information officers (CIOs), and other business and IT leaders for the purpose of obtaining and ensuring acceptable risk levels for a specific client organization.
CrowdStrike has 1 product in Security Consulting Services, Worldwide market
Security Information and Event Management
Security information and event management (SIEM) is a configurable system of record that collects, aggregates and analyzes security event data from on-premises and cloud environments. SIEM processes security event data for the purposes of threat detection, investigation and response. It natively supports data normalization and offers user-configurable detection content and reporting to orchestrate threat mitigation and satisfy compliance requirements. These solutions are delivered via a SaaS platform or client-hosted on-premises or private cloud. The security information and event management (SIEM) system must assist with: 1. Aggregating and normalizing data from various IT and operational technology (OT) environments. 2. Designing and executing near real-time monitoring and alerting content. 3. Enriching and investigating security events of interest. 4. Supporting manual and automated response actions. 5. Maintaining and reporting on current and historical event data.
CrowdStrike has 1 product in Security Information and Event Management market
Security Threat Intelligence Products and Services (Transitioning to Cyber Threat Intelligence Technologies)
The security threat intelligence products and services market refers to the combination of products and services that deliver knowledge (context, mechanisms, indicators, implications and action-oriented advice), information and data about cybersecurity threats, threat actors and other cybersecurity-related issues. The output of these products and services aims to provide or assist in the curation of information about the identities, motivations, characteristics and methods of threats, commonly referred to as tactics, techniques and procedures (TTPs). The intent is to enable better decision making and improve security technology capabilities to reduce the likelihood and impact of a potential compromise. Threat intelligence (TI) products and services support the different stages of a TI process life cycle. In particular, this involves defining the aims and objectives, collecting and processing intelligence originating from various sources, analyzing and disseminating it to different stakeholders within the organization, and regularly providing feedback on the entire process. These products and services support ongoing security investigations and assist in preventing future breaches by prioritizing infrastructure hardening. TI tools and services are most commonly cloud-based products and services, but can also be delivered “as a service.”
CrowdStrike has 1 product in Security Threat Intelligence Products and Services (Transitioning to Cyber Threat Intelligence Technologies) market
User Authentication
Gartner defines user authentication as the journey-time process that provides credence in a claim to an identity established for a person for access to digital assets. User authentication is delivered by some combination of (a) an authenticator, (b) signals evaluation and (c) an authentication decision point, which may be from different vendors. User authentication is used to provide credence in an identity claim for a person already known to an organization. The credence must be sufficient to bring account takeover (ATO) risks within the organization’s risk tolerance. Without effective authentication, the security of and trust in that person’s digital interactions are deeply undermined. User authentication is foundational to and protects the value of other functions within an organization’s identity fabric, namely: runtime authorization, especially segregation of duties (SOD), audit (individual accountability), and identity analytics.
CrowdStrike has 1 product in User Authentication market
Vulnerability Assessment
VA solutions identify, categorize and prioritize vulnerabilities as well as orchestrate their remediation or mitigation. Their primary focus is vulnerability and security configuration assessments for enterprise risk identification and reduction, and reporting against various compliance standards. VA can be delivered via on-premises, hosted and cloud-based solutions, and it may use appliances and agents. Core capabilities include: - Discovery, identification and reporting on device, OS, software vulnerabilities and configuration against security-related criteria - Establishing a baseline for systems, applications and databases to identify and track changes in state - Reporting options for compliance, control frameworks and multiple roles Standard capabilities include: - Pragmatic remediation prioritization with the ability to correlate vulnerability severity, asset context and threat context that then presents a better picture of true risk for your specific environment - Guidance for remediating and configuring compensating controls - Management of scanner instances, agents and gateways - Direct integration with, or API access to, asset management tools, workflow management tools and patch management tools
CrowdStrike has 1 product in Vulnerability Assessment market