CrowdStrike
CrowdStrike is a cloud-native platform that protects endpoints, cloud workloads, identity and data. This guide explains how to add CrowdStrike integration to Cloudaware.
To see how Cloudaware seamlessly integrates with CrowdStrike in action, request a demo.
Prerequisites
Cloudaware requires the following read-only permissions in CrowdStrike API scope:
sensor download
detections
hosts
host groups
vulnerabilities
Add a CrowdStrike account
Log in to Cloudaware → Admin.
Find CrowdStrike in integrations. Click +ADD.
Fill out the form:
WHERE
Name – a descriptive name for CrowdStrike account, e.g., CrowdStrike Prod US-1 or Falcon Integration
Client ID – CrowdStrike Customer ID (CID) (in the CrowdStrike Falcon Console, navigate to Support → API Clients and Keys)
Client Secret – CrowdStrike Customer Secret (in the CrowdStrike Falcon Console, navigate to Support → API Clients and Keys)
Environment – select one from the drop-down list based on your Falcon tenant region
Click SAVE.A green light in the ‘Status’ column indicates successful configuration. If the light is red, contact support@cloudaware.com.
To view CrowdStrike-related data, go to Cloudaware CMDB Navigator. Select CROWDSTRIKE in the left-hand menu.
List of CrowdStrike objects
Cloudaware supports the following CrowdStrike objects:
Crowdstrike Account
CA10CR__CaCrowdstrikeAccount__c
Crowdstrike Detection
CA10CR__CaCrowdstrikeDetection__c
Crowdstrike Detection Behavior
CA10CR__CaCrowdstrikeDetectionBehavior__c
Crowdstrike Group
CA10CR__CaCrowdstrikeGroup__c
Crowdstrike Host
CA10CR__CaCrowdstrikeHost__c
Crowdstrike Host Group Link
CA10CR__CaCrowdstrikeHostGroupLink__c
Crowdstrike Sensor Update Policy
CA10CR__CaCrowdstrikeSensorUpdatePolicy__c
Crowdstrike Sensor Update Policy Group
CA10CR__CaCrowdstrikeSensorUpdatePolicyGroupLink__c