Sumo Logic

CrowdStrike Falcon

The CrowdStrike Falcon App gives you visibility into the security posture of your endpoints as analyzed by the CrowdStrike Falcon platform deployed in your environment. It lets you analyze and group detections by affected user, tactic, technique, and objective, and find the hosts on your network with the most malware detections. The App dashboards provide detailed analysis of these detections, from which you can drill down to investigate the underlying malicious behavior.

The CrowdStrike Falcon Platform is a cloud-native endpoint protection platform: a lightweight agent on each endpoint feeds telemetry to the CrowdStrike cloud, where the analysis that produces these detections is performed.

Log Types

The CrowdStrike Falcon App uses the following log types:

  • Detection Event 
  • Authentication Event
  • Detection Status Update Event

For more information on these events, refer to the CrowdStrike Falcon Streaming API Event Dictionary.
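The following is an added example, not code from Sumo Logic or CrowdStrike, showing how the three log types above can be told apart in a raw Streaming API feed and how the detection events can be grouped the way the App's dashboards group them (hosts with the most detections, and counts by user, tactic, technique, and objective). The event envelope (`metadata.eventType` plus an `event` body), the field names (`ComputerName`, `UserName`, `Tactic`, `Technique`, `Objective`), and the assumption that a detection status update arrives as a `UserActivityAuditEvent` with `OperationName` `detection_update` are taken from my reading of the Event Dictionary and should be checked against it; the sample events are constructed for illustration.

```python
"""Added example: classify CrowdStrike Falcon Streaming API events into the
App's log types and summarize detections. Not Sumo Logic's or CrowdStrike's
code; event shape and field names are assumptions, verify against the
Streaming API Event Dictionary."""
import json
from collections import Counter

# Constructed sample feed, one JSON event per line. Not captured data.
# The last line is deliberately malformed to exercise error handling.
SAMPLE_EVENTS = r"""
{"metadata": {"eventType": "DetectionSummaryEvent", "eventCreationTime": 1700000000000, "offset": 1}, "event": {"ComputerName": "WS-FIN-01", "UserName": "alice", "Tactic": "Execution", "Technique": "PowerShell", "Objective": "Follow Through", "SeverityName": "High", "DetectId": "ldt:aaa:1"}}
{"metadata": {"eventType": "DetectionSummaryEvent", "eventCreationTime": 1700000001000, "offset": 2}, "event": {"ComputerName": "WS-FIN-01", "UserName": "alice", "Tactic": "Persistence", "Technique": "Scheduled Task", "Objective": "Keep Access", "SeverityName": "Medium", "DetectId": "ldt:aaa:2"}}
{"metadata": {"eventType": "DetectionSummaryEvent", "eventCreationTime": 1700000002000, "offset": 3}, "event": {"ComputerName": "SRV-DB-02", "UserName": "svc_backup", "Tactic": "Execution", "Technique": "PowerShell", "Objective": "Follow Through", "SeverityName": "Critical", "DetectId": "ldt:bbb:1"}}
{"metadata": {"eventType": "AuthActivityAuditEvent", "eventCreationTime": 1700000003000, "offset": 4}, "event": {"UserId": "bob@example.com", "OperationName": "userAuthenticate", "Success": true}}
{"metadata": {"eventType": "UserActivityAuditEvent", "eventCreationTime": 1700000004000, "offset": 5}, "event": {"UserId": "bob@example.com", "OperationName": "detection_update", "Success": true}}
{"metadata": {"eventType": "DetectionSummaryEvent", "eventCreationTime": 1700000005000, "offset": 6}, "event": {"ComputerName": "WS-FIN-01", "UserName": "carol", "Tactic": "Defense Evasion", "Technique": "Process Injection", "Objective": "Keep Access", "SeverityName": "High", "DetectId": "ldt:aaa:3"}}
this line is not JSON and must be counted, not crash the parser
"""

# Assumed mapping from Streaming API eventType to the App's log type names.
EVENT_TYPE_TO_LOG_TYPE = {
    "DetectionSummaryEvent": "Detection Event",
    "AuthActivityAuditEvent": "Authentication Event",
}
# Assumption: detection status changes are user-activity audit events with
# this OperationName. Confirm in the Event Dictionary for your tenant.
DETECTION_STATUS_OPERATION = "detection_update"


def parse_events(text):
    """Parse newline-delimited JSON events; return (events, bad_line_count).
    Malformed or envelope-less lines are counted instead of raised so a
    single bad record does not stop ingestion."""
    events, bad = [], 0
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            obj = json.loads(line)
        except json.JSONDecodeError:
            bad += 1
            continue
        if not isinstance(obj, dict) or "metadata" not in obj or "event" not in obj:
            bad += 1
            continue
        events.append(obj)
    return events, bad


def log_type(evt):
    """Map one parsed event to the App's log type name, or "Other"."""
    etype = evt["metadata"].get("eventType", "")
    if etype == "UserActivityAuditEvent" and \
            evt["event"].get("OperationName") == DETECTION_STATUS_OPERATION:
        return "Detection Status Update Event"
    return EVENT_TYPE_TO_LOG_TYPE.get(etype, "Other")


def count_log_types(events):
    """Counter of log type name -> number of events."""
    return Counter(log_type(e) for e in events)


def summarize_detections(events):
    """Group Detection Events by host, user, objective and (tactic, technique),
    mirroring the dashboard breakdowns described above."""
    by_host, by_user = Counter(), Counter()
    by_objective, by_tactic_technique = Counter(), Counter()
    for evt in events:
        if log_type(evt) != "Detection Event":
            continue
        e = evt["event"]
        by_host[e.get("ComputerName", "unknown")] += 1
        by_user[e.get("UserName", "unknown")] += 1
        by_objective[e.get("Objective", "unknown")] += 1
        by_tactic_technique[(e.get("Tactic", "unknown"),
                             e.get("Technique", "unknown"))] += 1
    return {"by_host": by_host, "by_user": by_user,
            "by_objective": by_objective,
            "by_tactic_technique": by_tactic_technique}


def top_hosts(events, n=5):
    """Hosts with the most detections, as (host, count) pairs."""
    return summarize_detections(events)["by_host"].most_common(n)


if __name__ == "__main__":
    evs, bad = parse_events(SAMPLE_EVENTS)
    print(f"parsed {len(evs)} events, {bad} unparseable line(s)")
    print("log types:", dict(count_log_types(evs)))
    print("top hosts:", top_hosts(evs))
    summary = summarize_detections(evs)
    for (tactic, technique), n in summary["by_tactic_technique"].most_common():
        print(f"{n}x {tactic} / {technique}")
```

Run it as a script to see the breakdown; `parse_events` deliberately tolerates bad lines because a streaming feed that stops on one malformed record silently loses every detection after it, which is the failure mode you least want in a detection pipeline.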