Evan Stoner
Evan Stoner
This change makes the OpenShift deployment guide more succinct and opinionated. - Align readme with AWS prescriptive guidance format. - Clearly favor the node sensor deployment. Move container sensor deployment...
**Is your feature request related to a problem? Please describe**: Previously end users were able to easily enable software emulation by [modifying the `kubevirt-config` ConfigMap](https://developers.redhat.com/blog/2020/09/17/how-to-switch-red-hat-openshift-virtualization-from-hardware-virtualization-to-software-emulation#step_2__update_the_kubevirt_config_file_for_software_emulation). This is now deprecated, and...
> [!IMPORTANT] > This bug has already been triaged by CrowdStrike engineering and was fixed in #569. We'll use this issue to track a workaround until the fix is released....
[Per console docs](https://falcon.crowdstrike.com/documentation/page/a0cf9976/deploy-image-assessment-at-runtime-with-a-helm-chart#r84305ef) the required API scopes for IAR are: - Falcon Container CLI (Write) - Falcon Container Image (Read/Write) - Falcon Images Download (Read) But our docs only reflect...
The operator manages the lifecycle of the installNamespace (default falcon-system). When deploying from a custom registry that requires a pull secret, the user has to either: 1. Create the falcon-system...
It's a common error to not set additional falcon parameters that the CID or environment requires. In the docs when deploying the node sensor, make a note of those and...
Related API method: https://falconpy.io/Service-Collections/Intel.html#getlatestintelrulefile - type = yara-master - Downloads as zip of a single .yara file Prereqs: - SKU: Adversary Intelligence Premium - API scope: Rules (Falcon Intelligence): Read...
`/hunting/entities/archive-exports/v1` accepts a language, filter, and archive_type so that the user can download a more specific list of rules compared to #602