Endpoint Security, CrowdStrike, What is CrowdStrike?

Introduction to CrowdStrike's Falcon platform.

What is CrowdStrike?

Endpoint Security - CrowdStrike is a cybersecurity tool/solution designed to mitigate real-time cybersecurity threats and incidents, give visibility and security capability to the Cybersecurity team and CrowdStrike users; protect systems against malware, and enable institutional measurement and understanding of security conditions and events. CrowdStrike utilizes artificial intelligence and a lightweight agent, providing visibility into the entire threat lifecycle, allowing IT and security professionals to act quickly and effectively to critical security events on Linux, Mac and Windows devices. CrowdStrike is a component integral to Endpoint Security. It exists as a fundamental part of Security's charge, obligations, provisions, and directives presented to it under the Campus Administrative Manual, “Appropriate Use of Computers and Network Systems”, and as authorized by the Chief Privacy & Security Officer.

How do I get this?

Option 1: [Preferred] Get and install the Community Instance in your environment

Option 2: Set up Community instance with added advanced, privileged access.

  • Conditions and process apply, see below.

Option 3: Deploy an Organizational instance (advanced, privileged access)

  • Conditions and process apply, see below.

Due to the advanced capabilities and power of CrowdStrike in options 2 or 3, to gain privileged access or roles, your unit must satisfy the following conditions before being granted privileged access (See KB Endpoint Services, CrowdStrike, Management Models):

  • Unit/departmental leadership must countersign the requirements understanding and accountability statement on the “authorized user” designation form
  • You must have completed the Privacy and Security process, expectations, and access training
  • Your department or unit must decide or have decided on a Management Model (See Endpoint Services, CrowdStrike, Management Models)
  • If you are unsure how to find out any of the above or how to get started, contact securitysupport@illinois.edu

To request provisioning

Go to https://go.illinois.edu/EPSHelp and choose the service to provision and select the “Provision” request type.

Who do I contact?

What happens if there is a security issue?

  • There are many tools within CrowdStrike to aid in detection, inspection, impact measurement, and mitigation.
  • If there are indicators of compromise, critical event/incident response may be undertaken by the Security team to mitigate. Please see https://go.illinois.edu/csoc

Contact the EPS team

Keywords:introduction intro learning EPS CrowdStrike windows mac macos endpoint TechS-EPS-CS   Doc ID:93944
Owner:EPS Distribution List .Group:University of Illinois Technology Services
Created:2019-08-19 13:20 CDTUpdated:2020-01-17 10:19 CDT
Sites:University of Illinois Technology Services
Feedback:  0   0