Appendix E - Integrating CrowdStrike Falcon

The integration of Infinity Playblocks with CrowdStrike Falcon allows you to receive real-time alerts from CrowdStrike Falcon for Endpoint and take corrective actions through automations. These automated workflows enable faster responses and more efficient threat management.

Note - Make sure you have the necessary permissions to isolate (contain) and de-isolate devices.

Integrating CrowdStrike Falcon

1. Log in to the CrowdStrike Falcon web portal:

   1. Go to Support and resources > API clients and keys.

      

      The API Clients and Keys window appears.

      

   2. Click Add new API client.

      The Create API client window appears.

      

   3. Enter these:

      • Client name

      • Description

   4. Select the relevant scopes checkbox(s).

   5. Click Create.

      The API client created window appears.

      

   6. Click to copy Client ID, Secret Key and Base URL.

   7. Click Done.