Designed as a possible last step before a MDM Lock Computer command, this CrowdStrike Falcon / Jamf Pro combination approach may aid in keeping a Mac computer online for investigation, while discouraging end-user tampering
Learn now to enable Bluetooth device discovery in CrowdStrike Falcon for macOS
A proof-of-concept, caveat emptor workflow for securely executing a repository-hosted script
Designed as a possible last step before a MDM “Lock Computer” command, FSWL.bash *may aid in keeping a Mac computer online for investigation, while discouraging end-user tampering
A collection of macOS scripts for CrowdStrike Falcon Real Time Response
Gather the data you need — on-demand — while eliminating the need for short-term Extension Attributes
(Hopefully) automate the remediation of sideways Falcon installations
Provide your users more detailed feedback on CrowdStrike Falcon’s built-in falconctl diagnose command
Leverage MDM-delivered Configuration Profiles and a custom Bash script for dynamic, yet consistent Sensor Grouping Tags in CrowdStrike Falcon