Analyst1 adds Precise Filters, CrowdStrike integration in 2.15.0 release

Analyst1 on June 25, 2026, released version 2.15.0 with a new filtering system, native CrowdStrike Endpoint Security integration, and security updates aimed at helping threat intelligence teams move faster. The update also expands API and dashboard capabilities and adds data expiration controls for indicator feeds.

Why it matters: - Analyst1’s latest release is aimed at reducing friction between threat intelligence collection and operational response. - The new filtering tools and CrowdStrike integration are designed to help security teams find relevant intelligence faster and push actions into existing workflows. - Security updates and data cleanup controls also help organizations keep indicator collections current and reduce maintenance overhead.

What happened: - Analyst1 announced general availability of version 2.15.0 on June 25, 2026. - The release adds Precise Filters, a new CrowdStrike Endpoint Security integration, and multiple analyst experience improvements. - Analyst1 said the update is available now for existing customers. - Existing customers can access release notes and documentation at docs.analyst1.com.

The details: - Precise Filters let analysts start with a basic filter set and expand into more targeted, multi-layered collection requirements without query language knowledge. - Existing filters and saved views carry forward automatically. - Precise Filters work across intelligence collections, dashboards, publication drafts and templates, API keys, and users. - The CrowdStrike integration lets teams export indicators directly to CrowdStrike. - Supported exports include SHA256 file hashes, domains, IPv4 addresses, and IPv6 addresses. - CrowdStrike actions, host groups, severities, and platform targeting can be configured. - Analyst1 can remove indicators in CrowdStrike IOC Management that were previously created by Analyst1. - The integration supports Commercial, EU, and GovCloud CrowdStrike environments. - The Data Expiration Timeframe (Days) setting now works for supported indicator feeds and Custom Indicator API Sources. - The feature automatically removes reporting sources that have not updated or referenced an indicator within a configurable timeframe. - API v2 now includes sensor endpoints. - Dashboard cards can be created with precise filters through an updated chart selection workflow. - Administrators can control when indicators are marked active or inactive. - Security updates include PostgreSQL 18.3 and an updated Chromium version addressing multiple CVEs.

Between the lines: - Analyst1 is pushing deeper into workflow automation, not just intelligence display. - The CrowdStrike link suggests a stronger focus on connecting threat intelligence with detection and response systems already used by security teams. - The new filtering model also lowers the barrier for analysts who need precision without building complex queries. - The security patching in the release signals that platform hardening is part of the product roadmap, not an afterthought.

What's next: - Analyst1 says customers can use the release notes and documentation now to adopt the new features. - Security teams that use CrowdStrike can begin testing indicator exports and IOC management workflows. - Organizations with large intelligence collections can evaluate Precise Filters and data expiration settings to tighten curation and search.

The bottom line: - Version 2.15.0 makes Analyst1 more useful as an operational tool by combining tighter filtering, broader EDR integration, and updated security controls.