CrowdStrike Falcon Endpoint Protection
The CrowdStrike Falcon Endpoint Protection App provides visibility into the security posture of your endpoints as analyzed by the CrowdStrike Falcon Endpoint Protection platform. The app allows you to analyze indicators of compromise (IOCs) by affected users, tactic, technique, and objective, and identify hosts on your network with the highest malware detections. The dashboards in this app help identify threats and incidents, from which you can drill down to investigate further.
The CrowdStrike Falcon Endpoint Protection Platform is a cloud-native framework that protects endpoints to stop breaches and improve performance with the robust power of the cloud combined with an intelligent, lightweight endpoint agent.
Log Types
The CrowdStrike Falcon Endpoint Protection App uses the following log types:
- Detection Event
- Authentication Event
- Detection Status Update Event
For more information on Events, please refer to the CrowdStrike Falcon Endpoint Protection Streaming API Event Dictionary.