Netography Integrates with CrowdStrike Falcon to Automate Network Security on Endpoints
By William Toll, Sr. Director, Product Marketing
We are pleased to announce that we’ve added the capability to quarantine endpoints that are protected by CrowdStrike Falcon.
Netography Fusion’s easy-to-implement alerting and incident remediation with its write once continuously run everywhere capability now enables security pros to stop endpoints from causing greater damage.
Teams can automate network containment actions when a system appears infected and lateral movement, persistence, exfiltration, and other risks need to be prevented.
CrowdStrike’s Falcon Endpoint Detection and Response (EDR) platform’s APIs enable integrated security tools to quarantine the endpoint for a set amount of time.
Using this API, Netography customers can automatically contain endpoints, with the added ability to remove hosts from the quarantine list manually when the threat has been cleared. Alternatively, hosts can be cleared after a set time period or when a specified number of blocked hosts has been reached..
Network containment is available for supported Windows, MacOS, and Linux operating systems. When they are contained, they lose the ability to make network connections to anything other than the CrowdStrike cloud infrastructure and any internal IP addresses that have been specified in the CrowdStrike Respond App.