Beyond Identity and CrowdStrike: Configuration
In a cloud-centric world where users can access SaaS applications from any location, any time, and with any device. Zero trust is a must in order to prevent bad actors from gaining access to your data and applications.
Beyond Identity helps companies achieve the foundations of zero trust with unphishable, passwordless MFA that cryptographically validates user and device identity.
Our latest integration with CrowdStrike enables organizations to set authentication rules via our Policy Engine based on the presence of CrowdStrike Falcon, CrowdStrike Zero Trust Assessment score, and be able to quarantine devices.
With strong identity validation, granular device security posture checks, and continuous risk-based authentication, organizations can meet their zero trust goals.
Let’s get started. Go to CrowdStrike Falcon, select the API clients and Keys under the Support section. Select your API scopes and click “Add” to get your client ID and secret.
With the Client ID and Secret, you can set up CrowdStrike in the Beyond Identity Admin Console under Integrations. Now you’re ready to configure access policies that take into account the presence of CrowdStrike Falcon and CrowdStrike's Zero Trust Assessment Score. For instance, you can restrict access to only devices with CrowdStrike Falcon installed. Or you can specify that device with a Zero Trust Assessment score lower than 50 is denied access. You also have the option to allow access only with a successful biometric verification for devices with a score between a specified range. And of course, if both CrowdStrike Falcon is present and the Zero Trust Assessment Score is above a certain threshold, the user can gain access securely to their requested resource.
Finally, to achieve continuous authentication with the ability quarantine insecure devices, you only have to add the “CrowdStrike quarantine” action, which means that if a device falls below your security policy during an authenticated session, that user’s access will be revoked and their device quarantined.
This is a short overview of the Beyond Identity and CrowdStrike Falcon integration. For more information, visit beyondidentity.com/integrations/crowdstrike to learn more or get started.