Who Has Installed and Used CrowdStrike Falcon?

egrizzly Member Posts: 533

Has anybody here installed or used CrowdStrike - the popular EDR tool? It was recently deployed in our environment but I don't think it's working correctly. On the "Detections" dashboard, the True Positive/False Positive ratio on what we're seeing on Medium severity is 2/8.

So typically, are Medium severity detections set to "Prevent" (Blocked) or just to Detect? Where on the back end can you adjust this setting?
B.Sc (Info. Systems), CISSP, CCNA, CCNP, Security+