Skip to main content

Netography Integrates with CrowdStrike Falcon to Automate Network Security on Endpoints

By William Toll, Sr. Director, Product Marketing

We are pleased to announce that we’ve added the capability to quarantine endpoints that are protected by CrowdStrike Falcon. 

Netography Fusion’s easy-to-implement alerting and incident remediation with its write once continuously run everywhere capability now enables security pros to stop endpoints from causing greater damage. 

Teams can automate network containment actions when a system appears infected and lateral movement, persistence, exfiltration, and other risks need to be prevented.

CrowdStrike’s Falcon Endpoint Detection and Response (EDR) platform’s APIs enable integrated security tools to quarantine the endpoint for a set amount of time.

Using this API, Netography customers can automatically contain endpoints, with the added ability to remove hosts from the quarantine list manually when the threat has been cleared.  Alternatively, hosts can be cleared after a set time period or when a specified number of blocked hosts has been reached..

Network containment is available for supported Windows, MacOS, and Linux operating systems. When they are contained, they lose the ability to make network connections to anything other than the CrowdStrike cloud infrastructure and any internal IP addresses that have been specified in the CrowdStrike Respond App.

If you are looking for unified visibility and control across your Atomized Network, or to learn more about how Netography Fusion can help your organization expand its endpoint security program, please contact us or request a demo.

Existing customers can learn more about our support for CrowdStrike endpoint response by visiting our support and documentation site in the Netography Fusion portal.