Commvault's integration with CrowdStrike allows organizations to view Indicators of Compromise (IOC) insights within the Threat Indicators dashboard to perform actions to validate that backups are safe.
You can use CrowdStrike for the following:
- Receive threat intelligence insights, and view impacted servers in the Threat Indicators dashboard to drive proactive investigative actions for the clean recovery of data.
Before You Begin
- Download the Crowdstrike Falcon Insight XDR Connector workflow from the Commvault Store, and then install it. For more information, see Downloading or Updating a Workflow from the Commvault Store.
Procedure
-
From the navigation pane, go to Workflows.
The Forms page appears.
-
Click Crowdstrike Falcon Insight XDR Connector.
The Crowdstrike Falcon Insight XDR Connector dialog box appears.
-
Enter the following:
-
CrowdStrike Falcon Base URL
-
CrowdStrike Falcon Client ID
-
CrowdStrike Falcon Client Secret
-
-
Click OK.
The workflow installs.
What to Do Next
- To check for anomalies, go to the Threat Indicators Report for Partner Integration.