The CrowdStrike Falcon Endpoint App on ServiceNow lets users integrate alert and detection data from the Falcon platform into their incident response process by creating ITSM incidents. Security incidents can be created within the Security Operations module by installing the CrowdStrike Falcon Endpoint For Security Operations application in addition to this app. The integration automates workflows by sending endpoint security events discovered within the CrowdStrike Falcon platform into ServiceNow for centralized investigations and faster time to resolution.
The CrowdStrike Falcon endpoint protection platform provides cloud-delivered Next-Generation Anti-Virus, EDR, IT Hygiene and Managed Hunting in a single sensor. CrowdStrike Falcon protects customers against advanced cyber attacks, using sophisticated signatureless artificial intelligence/machine learning and Indicator of Attack (IOA) based threat prevention to stop known and unknown threats in real time.
- Automate incident creation and response within ServiceNow based on malicious endpoint event activity detected by the CrowdStrike Falcon platform
- Accelerate investigations within ServiceNow by bringing back all relevant endpoint event activity captured by CrowdStrike
- Enable security teams to quickly perform remediation tasks before an incident results in a breach
- Unify security and IT to accelerate threat prioritization and response
- Remediate Incidents with Real Time Response and Network Containment
This release adds support for Endpoint Alerts from the new unified alerts UI.
ITSM - Incident, Configuration Management