RiskIQ Illuminate for CrowdStrike gives security teams a 360° view of their attack surface to better detect threats and defend their enterprise
Creates complete security visibility by bridging external and internal threat intelligence data in one location
Accelerates hunting or incident response engagements by surfacing related or overlapping infrastructure data
Enriches investigations by automatically searching internal endpoints for indicators of compromise as analysts pivot
Displays CrowdStrike Intelligence directly alongside detailed Internet collection data
CrowdStrike data in PassiveTotal
Once installed, available CrowdStrike intelligence and EDR will be available to all of your PassiveTotal users.
CrowdStrike Falcon-Intelligence data in PassiveTotal
CrowdStrike Falcon-X (EDR) data in PassiveTotal
User must be an existing, paid user of CrowdStrike
User must be an Administrator for the CrowdStrike instance
Customer must be licensed with Falcon-X or Falcon Insight EDR
Administrator must click the “Trial” button within CrowdStrike app store
Administrator must re-assign RiskIQ administrator function or invite internal team members to the PassiveTotal instance
Have your CrowdStrike administrator open the CrowdStrike Store and click the RiskIQ Illuminate app:
From there, have your administrator click the "Trial" button.