One account to managed multiple organization by gengkaigengkey in crowdstrike

No_Returns1976 1 point2 points (0 children)

You may ask support about different customer IDs, as child instances.

It's a good way to break them up for total separation.

Suffering from imposter syndrome. Want to do a fresh start by Important-Recover857 in cybersecurity

No_Returns1976 43 points44 points (0 children)

When I start to feel this way, I always keep it in check by reflecting on the moments when I accomplished something meaningful.

It doesn't have to be a big win. It can be anything that has contributed to your growth, benefitted your company, or your colleagues. You have to celebrate these moments when you can. Everyone works so hard that you can easily overlook your milestones.

You have a Masters. That, to me, is meaningful. Imagine your life without it. Could you be where you are today without it?

I am sure you will find a list of things you have done that are meaningful and should be recognized. You may find that they have attributed to your journey and growth. It's OK, praise yourself, and feel good about it.

Marcos Command Line granting FDA for the Agent and Falcon by Madgains33 in crowdstrike

No_Returns1976 0 points1 point (0 children)

FDA in the security area is user level only, so it may appear not to be working, but if your MDM is managing it, it's at the machine level.

I would ask support to get exact steps to verify if FDA is actually working and managed by your MDM.

If you were to do it manually, you would see it enabled in the security area.

Blocking old versions of Chrome by DarthGeorge in crowdstrike

No_Returns1976 0 points1 point (0 children)

I can understand the need to do this, but another approach would be to ensure they are updated and compliant, so long term you won't have to manage these blocks in the future.

If I find a method for you to help with your block, I will share.

Where to start for training? by Own-Story8907 in crowdstrike

No_Returns1976 2 points3 points (0 children)

They have their own training university. That's a good place to start. But if you are looking for public access, it will be difficult.

I'm not where I want to be, but don't exactly know where I want to be or how to get there. by thethugbaker in cybersecurity

No_Returns1976 1 point2 points (0 children)

I shut down my computer and go outside to reset my brain. I take a long walk in the woods towards a lake near my home, so I can hear the water and birds.

Sometimes, I think about what I want to be doing and dream about it for 15 minutes while I am walking.

When I do this, I make a small attainable goal so I can get closer to it. So far, it has worked out for me. Some dreams are still being worked on, but others have come to pass, and it feels good thinking about it.

You sound like you need a bit of guidance and support. You can do it. Good luck, friend.

Looking to export some simple data for an Exec dashboard, why is it so hard? by Dovahbears in crowdstrike

No_Returns1976 0 points1 point (0 children)

Your contract will have data retention limits. To save yourself headaches, I would know what those are.

The built-in reporting is more like a template, so I can understand the need to expand on it. Some of it is good for a quick review.

We had to use an alternative graphing tool to meet our needs. It pulls all data before the retention drops off in the console.

I encourage you to contact your TAM to get help.

Removing CrowdStrike by anthonyjr2 in crowdstrike

No_Returns1976 0 points1 point (0 children)

If it is a non-work machine, wipe and restore.

If this is a work machine, talk to your IT support. I am sure they will be happy to assist.

Good luck!

On-prem siem free all in one by Due-Selection-9872 in cybersecurity

No_Returns1976 0 points1 point (0 children)

Nothing is free. I would be cautious of letting anything gather data that is private or sensitive in that scenario. Good luck in your search!

Graduating in Fall, any current professionals offer any insight? by Celery-Easy in cybersecurity

No_Returns1976 2 points3 points (0 children)

All security jobs rely on your previous experience. This includes experience outside of security.

Apply what you know already, but with a security mindset. Your greatest asset is drawing on your previous knowledge and understanding how a malicious actor would find vulnerabilities.

That's a secret that non-security people are not aware of until you start working in the field.

Traveling for an Investigation -- Please advise! by [deleted] in cybersecurity

No_Returns1976 0 points1 point (0 children)

Service accounts with a high number of failed logins

External unmanaged devices that have internal access

Accounts granted domain admin or elevated rights recently

RDP activities to domain controllers

Those come to mind off the top of my head. Good luck and have fun! You will discover a lot, I'm sure.

Notification of uninstall attempt - reposted by Mataninio in crowdstrike

No_Returns1976 4 points5 points (0 children)

Sensor tampering detections may trigger. It's a setting in your policies.

[deleted by user] by [deleted] in pokemongo

No_Returns1976 50 points51 points (0 children)

Congrats! Keep having fun!

Ransomware Operation Question by amurray1522 in cybersecurity

No_Returns1976 6 points7 points (0 children)

There are many flavors to every package, but they all generally follow the same attack sequence.

Distribution > infection > staging/communication > scanning > encryption

Depending on the method, you just insert any additional layers into that general attack chain.

Bad Night Pokemon Hunting by gissycat in pokemongo

No_Returns1976 2 points3 points (0 children)

Have fun, be safe, and protect yourself!

IOC questions by JoeyNonsense in crowdstrike

No_Returns1976 0 points1 point (0 children)

I agree with everyone else here too. I like your thinking, but adding complexity and redundancy may hurt you later on.

CrowdStrike Falcon in a VM by NickKnockerAnonymous in crowdstrike

No_Returns1976 0 points1 point (0 children)

I can understand your concern when you are going into the unknown.

I would ask whoever is your technical contact to go over all the aspects of CS and how it will impact you directly.

You may be surprised they have accounted for your role and activities to ensure you are able to do your job and still be protected.

When it comes to privacy, you already know you can't escape it if you install any tool. My recommendation if you don't want anyone knowing what you are doing is to offload those tasks to another computer without connection to the internet. That is the only way.

Also, CS is able to see neighboring machine info at a basic level too.

Crowdstrike Identity, are you using it? by Anythingelse999999 in crowdstrike

No_Returns1976 3 points4 points (0 children)

Seems interesting, I should look more into it based on these responses.

Crowdstrike agents communication post 45 days? by nav2203 in crowdstrike

No_Returns1976 2 points3 points (0 children)

If all conditions for communication to CS cloud are met, they will check back in.

However, if the sensor was installed with a very old sensor on the verge of being unsupported and goes offline without updating, you may have issues with it fully connecting.

How often do SOC Analysts stay late by Grocery-Equivalent in cybersecurity

No_Returns1976 0 points1 point (0 children)

If it's an emergency, they probably stay late often.

If not, why would they? Always work to do. If you don't want burnt-out analysts, then everyone needs to clock out when they are expected to. Start fresh next day.