Which app in CrowdStrike Falcon includes Host Search, User Search, and Event Search functionalities?

The Investigate App in CrowdStrike Falcon is designed to provide deep visibility into the data collected by the platform, specifically focusing on threat intelligence and endpoint activity. Host Search, User Search, and Event Search functionalities enable users to perform detailed queries and get comprehensive insights related to endpoints, users, and events.

Through the Host Search function, users can quickly find information about specific hosts within the environment, which is crucial for incident response and threat analysis. User Search allows for tracking user activity, helping to identify potential security breaches or anomalous behaviors tied to specific users. Event Search provides the ability to delve into the events associated with hosts or users, facilitating a thorough investigation of incidents.

This app is vital for security analysts and threat hunters, as it consolidates data in a way that allows for informed decision-making and swift responses to security threats.