List of CrowdStrike Falcon SIEM Customers
CrowdStrike
206 East 9th Street Suite 1400,
Austin, 78701, TX,
United States
Austin, 78701, TX,
United States
1 888-512-8906
Professional Services
10363
$4.0B
Since 2010, our global team of researchers has been studying CrowdStrike Falcon SIEM customers around the world, aggregating massive amounts of data points that form the basis of our forecast assumptions and perhaps the rise and fall of certain vendors and their products on a quarterly basis.
Each quarter our research team identifies companies that have purchased CrowdStrike Falcon SIEM for Security Information and Event Management (SIEM) from public (Press Releases, Customer References, Testimonials, Case Studies and Success Stories) and proprietary sources, including the customer size, industry, location, implementation status, partner involvement, LOB Key Stakeholders and related IT decision-makers contact details.
Companies using CrowdStrike Falcon SIEM for Security Information and Event Management (SIEM) include: Ernst & Young, a United Kingdom based Professional Services organisation with 406209 employees and revenues of $51.20 billion, Ernst & Young US, a United States based Professional Services organisation with 65000 employees and revenues of $20.00 billion, Great American Insurance Group, a United States based Insurance organisation with 8500 employees and revenues of $7.83 billion, Travel + Leisure, a United States based Leisure and Hospitality organisation with 19300 employees and revenues of $4.02 billion, Remitly, a United States based Banking and Financial Services organisation with 2200 employees and revenues of $653.0 million and many others.
Contact us if you need a completed and verified list of companies using CrowdStrike Falcon SIEM, including the breakdown by industry (21 Verticals), Geography (Region, Country, State, City), Company Size (Revenue, Employees, Asset) and related IT Decision Makers, Key Stakeholders, business and technology executives responsible for the software purchases.
The CrowdStrike Falcon SIEM customer wins are being incorporated in our Enterprise Applications Buyer Insight and Technographics Customer Database which has over 100 data fields that detail company usage of software systems and their digital transformation initiatives. Apps Run The World wants to become your No. 1 technographic data source!
Apply Filters For Customers
| Logo | Customer | Industry | Empl. | Revenue | Country | Vendor | Application | Category | When | SI | Insight |
|---|---|---|---|---|---|---|---|---|---|---|---|
 |
Ernst & Young | Professional Services | 406209 | $51.2B | United Kingdom | CrowdStrike | CrowdStrike Falcon SIEM | Security Information and Event Management (SIEM) | 2025 | n/a |
In 2025, Ernst & Young selected CrowdStrike Falcon SIEM as the base for its global managed services offering. CrowdStrike Falcon Next-Gen Security Information and Event Management (SIEM) is cited as the foundation EY will use to help enterprises move off older SIEM tools and modernize managed detection and response capabilities within their client base.
The implementation centers on core Security Information and Event Management (SIEM) capabilities, including centralized log aggregation, real-time threat detection, analytics-driven correlation, and automation to support SOC workflows. Configurations emphasize next generation detection engines and AI-enabled detection orchestration consistent with CrowdStrike’s automated SOC features and Charlotte AI driven capabilities, aligning SIEM event enrichment with endpoint and telemetry collection.
Operational coverage is positioned at a global managed services level, with EY using CrowdStrike Falcon SIEM to deliver managed monitoring and incident response across cloud, data center and edge environments for client estates. This deployment narrative aligns with CrowdStrike partnerships that extend SIEM reach into AI production environments, notably the CoreWeave collaboration that brings Falcon security to an AI cloud, and the NVIDIA collaboration to enable always-on, continuously learning AI agents for real-time threat detection across cloud, data center and edge.
Governance and rollout are framed as a platform-led managed services augmentation, where EY’s global service catalog will incorporate CrowdStrike Falcon SIEM as a standard capability for new managed SIEM offerings. Market context for the chosen application is explicit, CrowdStrike’s Next-Gen SIEM business reported rapid growth with annual recurring revenues rising more than 95% year over year to more than $430 million in the referenced quarterly period, and vendor commentary highlights faster onboarding and lower data costs as enablers of adoption.
|
 |
Ernst & Young US | Professional Services | 65000 | $20.0B | United States | CrowdStrike | CrowdStrike Falcon SIEM | Security Information and Event Management (SIEM) | 2025 | n/a |
In 2025, Ernst & Young United States selected CrowdStrike Falcon SIEM to serve as the foundational platform for its global cybersecurity managed services. CrowdStrike Falcon SIEM is a Security Information and Event Management (SIEM) product intended to centralize telemetry, correlation, and incident management across distributed service delivery environments.
The implementation emphasizes core SIEM capabilities including high volume security telemetry ingestion, event normalization and correlation, alert triage, and incident investigation workflows, leveraging CrowdStrike agent telemetry and platform APIs for contextual enrichment. Vendor announcements in 2025 expanded the CrowdStrike module portfolio with Falcon Next-Gen Identity Security, Falcon Data Protection, Falcon for IT, Falcon for XIoT, Charlotte AI innovations, and Threat AI, creating an ecosystem of identity, data protection, endpoint and AI capabilities that align with SIEM use cases.
Deployment and architecture choices align to cloud native delivery, the vendor reported availability through an enhanced SaaS Quick Launch in AWS Marketplace, and strategic partnerships with CoreWeave and NVIDIA to power secure AI cloud and edge inference for continuous analytics. Charlotte AI achieving FedRAMP High authorization was highlighted, supporting high assurance cloud deployments and regulated workload coverage for customers and managed service providers.
Operational scope is defined as EY US's global cybersecurity managed services, with direct impact on security operations centers, incident response and managed detection and response offerings, and related professional services integration. Governance implications include platform centralization for managed service orchestration, standardization of SIEM workflows across service lines, and alignment to a broader CrowdStrike innovation stack; CrowdStrike's 2025 vendor recognitions, including Visionary placement in the Gartner Magic Quadrant for Security Information and Event Management (SIEM), were noted in vendor communications.
|
 |
Great American Insurance Group | Insurance | 8500 | $7.8B | United States | CrowdStrike | CrowdStrike Falcon SIEM | Security Information and Event Management (SIEM) | 2022 | n/a |
In 2022 Great American Insurance Group implemented CrowdStrike Falcon SIEM as a cloud-based log management and Next Gen SIEM augmentation, classified in the Security Information and Event Management (SIEM) category. The deployment leveraged CrowdStrike Falcon LogScale for centralized high-volume log ingestion and indexing to support security, compliance, DevOps and operations use cases.
The implementation focused on scalable log storage, rapid indexing and interactive search, enabling sub-second searches across billions of events and dramatically increasing the log user count. CrowdStrike Falcon LogScale provided search and analytics capabilities that improved root-cause analysis and regulatory and operational visibility, according to the CrowdStrike customer story.
Operational coverage was scoped to the United States and targeted security, compliance, DevOps and operations teams, aligning log access and investigative workflows with those business functions. Governance changes emphasized centralized log management, searchable indexes for investigations, and expanded user access for operational troubleshooting and compliance monitoring.
|
 |
Netlify | Professional Services | 210 | $31M | United States | CrowdStrike | CrowdStrike Falcon SIEM | Security Information and Event Management (SIEM) | 2022 | n/a |
In 2022, Netlify deployed CrowdStrike Falcon SIEM under the Security Information and Event Management (SIEM) category to centralize observability across DevOps, operations and support, with the implementation scoped to the US region. The rollout used CrowdStrike Falcon LogScale as the SIEM and log management engine to provide enterprise-grade ingestion and indexing of application and infrastructure logs.
The implementation architecture emphasized centralized log collection, real time ingestion and indexing, interactive query and dashboarding, and alerting to support incident investigation and operational monitoring. Functional capabilities implemented included high-throughput log aggregation, centralized storage and search, real time log analytics, and configurable detection and alert workflows consistent with Security Information and Event Management (SIEM) practices.
Operational governance aligned incident response and uptime monitoring workflows across DevOps, operations and support teams, creating a single pane for observability and escalation. The deployment delivered scalable real time logging and reduced mean time to discovery as reported in the vendor case study, improving Netlify’s incident response posture without other outcome metrics disclosed.
|
 |
Oklahoma Office of Management and Enterprise Services | Government | 1108 | $301M | United States | CrowdStrike | CrowdStrike Falcon SIEM | Security Information and Event Management (SIEM) | 2022 | n/a |
In 2022, Oklahoma Office of Management and Enterprise Services implemented CrowdStrike Falcon SIEM to centralize statewide event monitoring and threat detection. The deployment was positioned within the agency CyberCommand Security Operations Center and targeted enterprise security, privacy, and compliance workloads across state agencies.
CrowdStrike Falcon SIEM was configured to support core Security Information and Event Management (SIEM) capabilities including real time threat detection, forensic log analysis, threat hunting, and ingestion of indicators of compromise. Implementation work emphasized log parsing, alert correlation, and incident triage workflows to enable SOC analysts to monitor attack vectors and conduct forensic analysis.
The deployment operates alongside an ecosystem of security tooling cited by OMES including Splunk, FlashPoint, DarkTrace, and ForcePoint, with investigative documentation maintained in Anomali ThreatStream and IOCs imported from OK-ISAC. Integrations with these telemetry and intelligence sources support cross tool correlation and IOC enrichment for statewide incident response activities.
Governance and operationalization were coordinated with OMES leadership, with senior security analysts providing recommendations for remediation and security hardening in accordance with agency policies and guidelines. The implementation context explicitly supports protecting the State of Oklahoma data and assets while advancing a statewide approach to cybersecurity privacy and compliance.
|
 |
|
Banking and Financial Services | 2200 | $653M | United States | CrowdStrike | CrowdStrike Falcon SIEM | Security Information and Event Management (SIEM) | 2022 | n/a |
|
|
|
|
Leisure and Hospitality | 19300 | $4.0B | United States | CrowdStrike | CrowdStrike Falcon SIEM | Security Information and Event Management (SIEM) | 2025 | n/a |
|
Showing 1 to 7 of 7 entries
Buyer Intent: Companies Evaluating CrowdStrike Falcon SIEM
ARTW Buyer Intent uncovers actionable customer signals, identifying software buyers actively evaluating CrowdStrike Falcon SIEM. Gain ongoing access to real-time prospects and uncover hidden opportunities. Companies Actively Evaluating CrowdStrike Falcon SIEM for Security Information and Event Management (SIEM) include:
- Vegas.com, a United States based Leisure and Hospitality organization with 430 Employees
Discover Software Buyers actively Evaluating Enterprise Applications
| Logo | Company | Industry | Employees | Revenue | Country | Evaluated |
|---|---|---|---|---|---|---|
 |
Vegas.com | Leisure and Hospitality | 430 | $70M | United States | 2026-04-02 |
FAQ - APPS RUN THE WORLD CrowdStrike Falcon SIEM Coverage
CrowdStrike Falcon SIEM is a Security Information and Event Management (SIEM) solution from CrowdStrike.
Companies worldwide use CrowdStrike Falcon SIEM, from small firms to large enterprises across 21+ industries.
Organizations such as Ernst & Young, Ernst & Young US, Great American Insurance Group, Travel + Leisure and Remitly are recorded users of
CrowdStrike Falcon SIEM for Security Information and Event Management (SIEM).
Companies using CrowdStrike Falcon SIEM are most concentrated in Professional Services, Insurance and Leisure and Hospitality, with adoption spanning over 21 industries.
Companies using CrowdStrike Falcon SIEM are most concentrated in United Kingdom and United States, with adoption tracked across 195 countries worldwide. This global distribution highlights the popularity of CrowdStrike Falcon SIEM across Americas, EMEA, and APAC.
Companies using CrowdStrike Falcon SIEM range from small businesses with 0-100 employees - 0%, to mid-sized firms with 101-1,000 employees - 14.29%, large organizations with 1,001-10,000 employees - 42.86%, and global enterprises with 10,000+ employees - 42.86%.
Customers of CrowdStrike Falcon SIEM include firms across all revenue levels — from $0-100M, to $101M-$1B, $1B-$10B, and $10B+ global corporations.
Contact APPS RUN THE WORLD to access the full verified CrowdStrike Falcon SIEM customer database with detailed Firmographics such as industry, geography, revenue, and employee breakdowns as well as key decision makers in charge of Security Information and Event Management (SIEM).