CrowdStrike integration

This page includes:

• CrowdStrike integration
  • About the CrowdStrike integration
  • How it works
  • The Perception Point-CrowdStrike integration procedure
  • Step 1: Installing the CrowdStrike-Perception Point app
  • Step 2: Activating the Perception Point-CrowdStrike integration
  • Step 3: Configuring the Perception Point-CrowdStrike integration
  • Flow chart diagram

Note: Before implementing this channel integration, contact your Customer Success Manager for Perception Point X‑Ray to make sure that this functionality is included in your current Perception Point X‑Ray license.

About the CrowdStrike integration

Perception Point can be integrated with various products. This page explains the configurations that are required to integrate Perception Point with CrowdStrike. This page describes what must be performed by Perception Point Support and what must be performed by you, the customer, to perform the integration.

Perception Point is a highlighted CrowdStrike partner. The combination of Perception Point together with CrowdStrike's Falcon Platform provides comprehensive threat detection, remediation, and containment.

How it works

If malware breaches an organization's perimeter, and is detected on an endpoint, it is quite likely that there are already other instances of that malware within the organization, especially when people work in a multi-channel environment.

After the Perception Point-CrowdStrike integration has been configured, the instant the CrowdStrike Falcon Platform detects malicious content on an endpoint, it sends the hash of the malicious file to Perception Point X‑Ray. Then Perception Point X‑Ray searches for the hash to see if there are any file matches inside the organization - across all the collaboration channels that Perception Point is protecting, including email, cloud storage platforms, and EDR tools. Once a file is identified by the Falcon Platform, the organization's SOC team immediately receives an alert, and Perception Point automatically contains the malware, preventing it from spreading. In addition, Perception Point will change the scan verdict associated with the malware - to malware - to prevent the malware from again penetrating the organization.

Note: Malicious files that are detected in CrowdStrike are included in the Events page in Perception Point X‑Ray. For details, see Events.

The Perception Point-CrowdStrike integration procedure

Perform the 3-step procedure below to integrate Perception Point with CrowdStrike.

Steps
Step 1 - Installing the CrowdStrike-Perception Point app
Step 2 - Activating the Perception Point-CrowdStrike integration
Step 3 - Configuring the Perception Point-CrowdStrike integration

Step 1: Installing the CrowdStrike-Perception Point app

This step installs the CrowdStrike-Perception Point app.

1. Install the Perception Point X‑Ray app from the CrowdStrike store.

   Click Start free trial [] to begin the process.

   Perception Point Support will convert the installation from Free Trial to Purchased during Step 2 below.

2. When the CrowdStrike-Perception Point app is installed, continue with Step 2 below.

Step 2: Activating the Perception Point-CrowdStrike integration

1. In Perception Point X‑Ray, in the left navigation menu, select Account > Bundles and Channels.

2. Make sure that a bundle is assigned that includes CrowdStrike.

3. Under Enabled Channels, locate "CrowdStrike" and then click "Activate" located on the right.

Step 3: Configuring the Perception Point-CrowdStrike integration

This step configures the CrowdStrike integration with Perception Point.

• This step must be performed by Perception Point Support.

• Perception Point Support can perform this step only after Step 2 above has been completed.

• After you have completed Step 2 above, contact Perception Point Support [support@perception-point.io] and ask them to perform Step 3 - Configuring the Perception Point-CrowdStrike integration.

  You can include the text template below in your email:

  Subject: Step 3 - Configuring the CrowdStrike integration
  Hi Perception Point Support Team, Organization name: <Your org name> We are performing the integration with CrowdStrike. We have completed Step 2 - Activating the Perception Point-CrowdStrike integration. Please can you perform Step 3 - Configuring the Perception Point-CrowdStrike integration. [Internal Reference: 1150] Please let us know when this has been done. Thank you

• Perception Point Support will inform you when Step 3 has been completed. When Step 3 has been completed, the CrowdStrike integration will be active.

Flow chart diagram

See also: 

• Integrating EDR tools

• Integrating Channels