News from Fal.Con 2025 in Las Vegas
In September, Las Vegas hosted the latest edition of Fal.Con, attracting over 8,000 attendees. The conference was a great opportunity to share insights and hands-on experience, and it also featured premieres of CrowdStrike’s latest portfolio offerings. Find out how these portfolio updates can help you minimize your attack surface.
Fal.Con is an annual event organized by CrowdStrike. This year, during the conference, CrowdStrike representatives presented a number of new products that many administrators had been waiting for. But Fal.Con isn’t just about announcements – it features over 300 sessions, workshops, and hands-on demos, allowing participants to see new features in action and understand how to build resilience to modern threats in the age of AI. The European edition of the event, Fal.Con Europe, will take place on November 4-6 in Barcelona.
Fal.Con 2025 – key new features
Falcon for IT Redefines Risk-Based Vulnerability Management and Patching
At Fal.Con 2025, CrowdStrike presented a new approach to vulnerability management. The Falcon for IT module not only detects vulnerabilities but also automatically prioritizes and remediates them based on real risk. Instead of drowning in thousands of CVEs, the platform highlights which vulnerabilities are actively exploited by attackers and pose the greatest threat to your organization.
The classic approach based solely on CVSS is left far behind. Falcon uses telemetry, threat context, and Patch Safety Scores to identify which patches truly matter. It delivers updates for Windows, macOS, and Linux without the risk of destabilizing systems. The result? Faster and safer patching, no more separation between IT and security tools, and a real reduction in the risk of breaches.

Figure 1. Attack path analysis
Source: https://www.crowdstrike.com/en-us/blog/falcon-for-it-redefines-vulnerability-management-with-risk-based-patching/
Improvements for SOC with Ready-to-Use Playbooks
Even seemingly simple IT security tasks can be complicated to implement and maintain. Without the right tools, operators often have to create scripts from scratch or combine fragmented procedures. Falcon for IT now delivers ready-to-use playbooks for common operations that previously required custom scripts, separate tools, or lengthy implementation.
New playbooks available in the Falcon for IT module allow you to:
- check that critical applications are installed, running, and functioning properly, maintaining endpoint and application resilience without manual intervention,
- quickly analyze files, detect duplicates, and scan the system across thousands of endpoints with full file system indexing,
- block or allow USB storage devices on Linux systems with simple, global control that works headless and at scale.

Figure 2. New SOAR actions
Source: https://www.crowdstrike.com/en-us/blog/falcon-for-it-redefines-vulnerability-management-with-risk-based-patching
CrowdStrike introduces three key innovations in next-generation identity security.
A new dimension of identity protection was unveiled at Fal.Con 2025. CrowdStrike introduces three key innovations:
FalconID – phishing resistance
This solution enables passwordless authentication based on FIDO2. It significantly increases security by generating MFA through the CrowdStrike Falcon for Mobile app. It provides protection against phishing and session hijacking, tactics often exploited by hacker groups. Bluetooth-based control ensures that only someone physically near the device can authenticate, preventing attackers from sending remote push requests. Unlike traditional MFA solutions, FalconID is not based on binary authentication, but uses real-time telemetry data from the entire Falcon platform. These features significantly increase the security of logging into critical resources and protect against data theft and side-channel attacks.

Figure 3. Logging in with FalconID
Source: https://www.crowdstrike.com/en-us/blog/crowdstrike-advances-next-gen-identity-security-three-key-innovations/
Falcon Privileged Access – stronger privileged access control
CrowdStrike improves the capabilities of Falcon Privileged Access. Now, requests and revocations can be performed directly in Microsoft Teams, making the process easier for users working in that environment. In addition, integration with Fusion SOAR allows access rules to be automated, and the new JIT Analytics dashboard provides real-time data on who is using assigned roles, when, and for what purpose – whether it’s Entra ID, local AD, or local devices. This enables companies to effectively remove permanent permissions, minimize risk, and simplify access management operations from a single console.

Figure 4. Requesting permissions via MS Teams
Source: https://www.crowdstrike.com/en-us/blog/crowdstrike-advances-next-gen-identity-security-three-key-innovations/
Identity-Driven Case Management – Automated Cases for Fast Decisions
Falcon Next-Gen Identity Security introduces identity-driven case management. Account-related detections automatically create cases in the Falcon Next-Gen SIEM, mapping identity incidents to attack scenarios across different domains. These cases are enriched in real time with telemetry from across the platform, and agentic AI automates key analyst actions such as enforcing MFA, revoking privileges, and isolating compromised systems – so you can respond faster and cut down on manual investigations.

Figure 5. Incident view from the Falcon console
Source: https://www.crowdstrike.com/en-us/blog/crowdstrike-advances-next-gen-identity-security-three-key-innovations/
Want to learn more about the latest developments in identity protection?
Click on the link below: https://www.crowdstrike.com/en-us/blog/crowdstrike-advances-next-gen-identity-security-three-key-innovations/
Charlotte AI – the brain of the SOC agent team
Fal.Con Las Vegas 2025 also showcased the new capabilities of Charlotte AI. Like the other modules, Charlotte is constantly expanding its functionality.
CrowdStrike’s AI agent can significantly reduce the workload of your SOC team and speed up the long process of analyzing certain events. It automates routine tasks, letting analysts focus on more complex, time-sensitive challenges.
What added value can Charlotte AI bring to your business?
- Immediate responses – conclusions about events and first impressions in just a few seconds.
- Faster triage and response – built on the expertise of Falcon Complete, Overwatch, and Incident Response teams for thoughtful, accurate analysis.
- Automation – streamline your response process with pre-built playbooks and AI-driven reasoning.
Charlotte’s agent design, expert knowledge, and rich data foundation translate into real results. Thanks to Charlotte’s automation, teams save an average of 40+ hours per week. Insights are delivered 75% faster, and decision accuracy with agent support rises above 98%.
Want to learn more about what’s new with Charlotte AI?
Click on the link below: https://www.crowdstrike.com/en-us/platform/charlotte-ai/
First Complete AIDR Solution on the Market
In mid-September, CrowdStrike announced the signing of a definitive agreement to acquire Pangea, a leader in AI security. Thanks to this transaction, we will soon be able to enjoy the first fully integrated AIDR (Artificial Intelligence for Digital Response) solution on the market. The Falcon platform, supported by artificial intelligence, will not only analyze threats, but also be able to respond to them independently in real time, elevating security to levels never seen before.
Want to learn more about what CrowdStrike and Pangea are building together?
Click the link below: https://www.crowdstrike.com/en-us/pangea/
WEBINAR
Let’s go back to Fal.Con 2025 in Las Vegas!
Sign up for the webinar organized by CrowdStrike and hear about the latest news!
Best of Fal.Con 2025 | Highlights and Key Event Takeaways

