RiskIQ Illuminate for CrowdStrike


RiskIQ Illuminate for CrowdStrike gives security teams a 360° view of their attack surface to better detect threats and defend their enterprise

  • Creates complete security visibility by bridging external and internal threat intelligence data in one location

  • Accelerates hunting or incident response engagements by surfacing related or overlapping infrastructure data

  • Enriches investigations by automatically searching internal endpoints for indicators of compromise as analysts pivot

  • Displays CrowdStrike Intelligence directly alongside detailed Internet collection data

CrowdStrike data in PassiveTotal

Once installed, available CrowdStrike intelligence and EDR will be available to all of your PassiveTotal users.

CrowdStrike Falcon-Intelligence data in PassiveTotal

CrowdStrike Falcon-X (EDR) data in PassiveTotal

Installation Guide

Application Requirements

  • User must be an existing, paid user of CrowdStrike

  • User must be an Administrator for the CrowdStrike instance

  • Customer must be licensed with Falcon-X or Falcon Insight EDR

  • Administrator must click the “Trial” button within CrowdStrike app store

  • Administrator must re-assign RiskIQ administrator function or invite internal team members to the PassiveTotal instance

Installation Steps

Have your CrowdStrike administrator open the CrowdStrike Store and click the RiskIQ Illuminate app:

From there, have your administrator click the "Trial" button.