[Request] Crowdstrike additional third-party response actions #6365
Labels
Docset: ESS
Issues that apply to docs in the Stack release
Docset: Serverless
Issues for Serverless Security
Effort: Medium
Issues that take moderate but not substantial time to complete
Priority: Medium
Issues that have relevance, but aren't urgent
Team: EDR Workflows
Formerly Defend Workflows, Onboarding and Lifecycle Management
v8.18.0
What can we change to make the docs better?
Description
We are adding new third-party actions to Crowdstrike response actions, which will allow users to execute remote commands using the Crowdstrike agent through Elastic Security.
This is similar to the functionality (and docs) we previously added for Sentinel One and Crowdstrike: https://www.elastic.co/guide/en/security/current/third-party-actions.html
Background & resources
PRs:
Issues/metas: https://github.com/elastic/security-team/issues/10873
Point of contact: @caitlinbetz @tomsonpl @raqueltabuyo @ashokaditya @paul-tavares
Test environments:
Doc URL
This is similar to the functionality (and docs) we previously added for Sentinel One and Crowdstrike: https://www.elastic.co/guide/en/security/current/third-party-actions.html
GitHub issue link(s)/Other resources:
https://github.com/elastic/security-team/issues/10873
Which documentation set needs improvement?
ESS and serverless
Software version
ESS release
N/A
Serverless release
TBD
Feature differences
Feature will be the same in serverless/ESS
ESS release: 8.18
API docs impact
TBD
Prerequisites, privileges, feature flags
ESS & Serverless, Kibana privileges:
Security solution privilege: TBD
Actions and Connectors privilege: EDR Connectors