• Last Updated
    Aug 29, 2023
  • Version
    1.0.0
  • Compatibility
    ThreatQ versions >= 5.10.0
  • CrowdStrike Spotlight CDF

    ThreatQuotient

    Overview

    CrowdStrike is a cybersecurity technology firm pioneering cloud-delivered next-generation endpoint protection and services. The CrowdStrike Spotlight feed ingests detailed information about the vulnerabilities in your environment. Falcon tracks vulnerabilities by industry-standard frameworks like Common Vulnerabilities and Exposures (CVE) and provides information about specific vulnerabilities on your hosts using the Falcon sensor.

    The integration provides the following feeds:

    • CrowdStrike Spotlight - queries CrowdStrike to get a list of vulnerability IDs.
    • CrowdStrike Spotlight Fetch All Data (supplemental) - queries CrowdStrike to get all vulnerability IDs.
    • CrowdStrike Spotlight Vulnerabilities (supplemental) - retrieves detailed info about a vulnerability.
    • CrowdStrike Spotlight Remediations (supplemental) - retrieves detailed remediation info for a vulnerability.
    • CrowdStrike Spotlight Evaluation Logic (supplemental) - retrieves the evaluation logic used to assess the vulnerability.

    The integration ingests the following system objects:

    • Assets
    • Events
    • Indicators
    • Vulnerabilities

    Copyright © 2025, ThreatQuotient, Inc. All Rights Reserved. Privacy Policy