Falcon Insight delivers continuous, comprehensive endpoint visibility that spans detection, response, and forensics to ensure nothing is missed and stops potential breaches.
CrowdStrike Falcon Insight Integration for Security Operations provides CI enrichment and host isolation capabilities.
Integration with CrowdStrike Falcon Insight provides the following EDR (Endpoint Detection and Response) capabilities:
- Get Host Details
- Get Network Stats
- Get Running Processes
- Get Running Services
- Get Logged-on Users
- Sighting Search
- Isolate Host
- Remove Host Isolation
New :
Upgraded all dictionary-level read-only fields to Strict Read-Only to enhance security and prevent unauthorized changes.This update ensures the server consistently enforces read-only behaviour across all UIs, scripts, and integrations.
Security Incident Response Dependency plugin (com.snc.si_dep) is required. This plugin automatically installs all the dependencies required to support the Security Incident Response product.
Verify that Security Incident Response (SIR) is installed and activated from the ServiceNow Store.