InsightCloudSec Docs

Welcome to the InsightCloudSec Docs!

InsightCloudSec by Rapid7 (formerly DivvyCloud) is a Cloud-Native Security Platform that provides real-time analysis and automated remediation for continuous security and compliance for your multi-cloud environment.

For questions reach out to us through [email protected].

Take Me to the Docs!    Release Notes

Crowdstrike Integration

Instructions for Integration Between CrowdStrike & InsightCloudSec

The CrowdStrike integration provides InsightCloudSec with the ability to communicate with devices in your CrowdStrike Falcon account. The goal of this integration is to leverage InsightCloudSec capabilities to give organizations visibility into where the CrowdStrike Falcon Agent is deployed or missing across an organization’s AWS, Microsoft Azure, and Google Cloud Platform footprint.

Prerequisites and Requirements

Before getting started with this integration, ensure you have the following:

  • Domain or Org Admin permissions within InsightCloudSec
  • Familiarity and appropriate permissions for CrowdStrike
  • Required CrowdStrike configuration details to complete the integration:
    • CrowdStrike Base URL
    • CrowdStrike Client ID
    • CrowdStrike Client Secret

InsightCloudSec Setup

These steps assume that you have a functional CrowdStrike implementation to integrate with InsightCloudSec. Refer to the CrowdStrike documentation for specific details on configuration of any CrowdStrike components. Note that this integration only applies to the “Hosts” component of the CrowdStrike Falcon platform.

To integrate your existing CrowdStrike Falcon setup, refer to the following steps:

1. Within InsightCloudSec navigate to "Administration --> Integrations".

2. Locate the CrowdStrike card on the Integrations landing page and select "Edit".

Crowdstrike on the Integrations Landing PageCrowdstrike on the Integrations Landing Page

Crowdstrike on the Integrations Landing Page

3. Complete the integration form with the applicable details as follows:

  • CrowdStrike Base URL
  • CrowdStrike Client ID
  • CrowdStrike Client Secret
Crowdstrike Integration FormCrowdstrike Integration Form

Crowdstrike Integration Form

  1. Click "Save" to complete the integration.

Functional Details

Integration Configuration Specifics

After the integration is configured, InsightCloudSec will poll CrowdStrike daily at 2 a.m. UTC. This time was selected intentionally to avoid triggering API rate limiting during peak hours.

At present this polling time is not customizable, however a manual rescan can be triggered. Contact [email protected] for details.

Supported Filters

This integration includes the following filters (Note: the integration must be complete for these filters to work properly):

  • Instance With CrowdStrike Agent Configured
  • Instance Without CrowdStrike Agent Configured

Updated about a month ago

Crowdstrike Integration


Instructions for Integration Between CrowdStrike & InsightCloudSec

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.