Endpoint Security, CrowdStrike, What is CrowdStrike?
Introduction to CrowdStrike's Falcon platform.
What is CrowdStrike?
Endpoint Security - CrowdStrike is a cybersecurity tool/solution designed to mitigate real-time cybersecurity threats and incidents, give visibility and security capability to the Cybersecurity team and CrowdStrike users; protect systems against malware, and enable institutional measurement and understanding of security conditions and events. CrowdStrike utilizes artificial intelligence and a lightweight agent, providing visibility into the entire threat lifecycle, allowing IT and security professionals to act quickly and effectively to critical security events on Linux, Mac and Windows devices. CrowdStrike is a component integral to Endpoint Security. It exists as a fundamental part of Security's charge, obligations, provisions, and directives presented to it under the Campus Administrative Manual, “Appropriate Use of Computers and Network Systems”, and as authorized by the Chief Privacy & Security Officer.
How do I get this?
Option 1: Get and install in the Community Instance in your environment
- The Community instance agent is deployable by any IT Pro and is available for any Urbana-Champaign unit. EPS is available for assistance in deployment via MECM and Munki.
- Units wanting CrowdStrike console access may request access to the endpoint manger role in the Community instance. Information on the roles in CrowdStrike console: https://answers.uillinois.edu/93971
Option 2: Set up in a Named instance with advanced access.
- Named instance agents are deployable by IT Pros and are available for any Urbana-Champaign unit. Deployment may be done via MECM and Munki.
- Units wanting a Named instance may request consultation. See below.
Option 3: Deploy in a Self-Managed instance with additional advanced access.
- Consultation required, see below.
To request provisioning and/or consultation
Go to https://go.illinois.edu/EPSHelp and choose the service to provision and select the “Provision” request type.
Who do I contact?
- For Endpoint provisioning or CrowdStrike packaging questions and support, use https://go.illinois.edu/EPSHelp.
- For all other CrowdStrike-specific or security concerns, email firstname.lastname@example.org.
- For emergencies see https://go.illinois.edu/csoc.
What happens if there is a security issue?
- There are many tools within CrowdStrike to aid in detection, inspection, impact measurement, and mitigation.
- If there are indicators of compromise, critical event/incident response may be undertaken by the Security team to mitigate. Please see Endpoint Security, CrowdStrike, Notification from Security.