In keeping with CrowdStrike’s recommended best practices, the Information Security Office will be enabling recently delivered features in the CrowdStrike prevention policies. The new features will be enabled for opt-in test groups first. After a test period of 10 days, the same changes will be made in the production prevention policies. We are asking SCAD/DCS for volunteer machines for the test group.
Features to be enabled
Windows
- Detect and Quarantine on Write - Machine learning to analyze and quarantine suspicious files.
Windows and macOS
- Quarantine executable files after they’re prevented by NGAV.
Linux
- Unknown Executables Detection and Analysis - Advanced analysis for unknown detection-related executables.
- Filesystem Visibility - Improved analysis of filesystem activity.
- Network Visibility - Improved analysis of network activity.
To volunteer for the test group, email [email protected] stating that you would like to participate, and provide the hostname, MAC address, and operating system (Apple, Windows 10/11, Windows Server, or Linux server) for each system you would like to include.