SailPoint’s CrowdStrike connector is an Identity Risk SaaS connector that securely connects with your CrowdStrike system and aggregates the account details, along with the risk information for Identity Protection. This connector is developed in SaaS Platform Connectivity, which is next-generation pure SaaS Connectivity that doesn't require any Virtual Appliance.
The core capability of this connector is Identity Protection - Risky User Alert Feature which bring the risk information from CrowdStrike Falcon system.
With the security reports in CrowdStrike, you can gauge the probability of compromised user accounts in your environment. A user flagged for risk is an indicator for a user account that might have been compromised. The risky user represents the probability that a given identity or account is compromised. These risks are calculated offline using CrowdStrike's internal and external threat intelligence sources. The supported Risky User Alert attributes are riskScore
, riskScoreSeverity
, and riskFactors
.
This SaaS Connector is developed by SailPoint's Engineering team and supported under the annual SailPoint support and maintenance. Reach out to SailPoint support for assistance.
SailPoint is offering this connector on the new SaaS Connectivity Platform for Identity Security Cloud. Connectors running on this new platform do not require a virtual appliance.
Is there any way to connect to CrowdStrike if we just want to aggregate accounts in the Crowdstrike admin console without CrowdStrike Falcon?
Will this not be supported for IdentityIQ?