CrowdStrike is a cybersecurity technology firm pioneering cloud-delivered next-generation endpoint protection and services. The CrowdStrike Spotlight feed ingests detailed information about the vulnerabilities in your environment. Falcon tracks vulnerabilities by industry-standard frameworks like Common Vulnerabilities and Exposures (CVE) and provides information about specific vulnerabilities on your hosts using the Falcon sensor.

The integration provides the following feeds:

• CrowdStrike Spotlight - queries CrowdStrike to get a list of vulnerability IDs.
• CrowdStrike Spotlight Fetch All Data (supplemental) - queries CrowdStrike to get all vulnerability IDs.
• CrowdStrike Spotlight Vulnerabilities (supplemental) - retrieves detailed info about a vulnerability.
• CrowdStrike Spotlight Remediations (supplemental) - retrieves detailed remediation info for a vulnerability.
• CrowdStrike Spotlight Evaluation Logic (supplemental) - retrieves the evaluation logic used to assess the vulnerability.

The integration ingests the following system objects:

• Assets
• Events
• Indicators
• Vulnerabilities