# CrowdStrike Integration

{% hint style="info" %}
:tada: Rezonate has officially announced the integration with CrowdStrike. \
read more about it in the [CrowdStrike marketplace](https://marketplace.crowdstrike.com/partners/rezonate)
{% endhint %}

Rezonate integrates with the CrowdStrike Falcon® platform to extend threat detection, response, and attack analysis to identities across cloud, SaaS, and identity providers. With this integration, SOC analysts can seamlessly correlate user-machine and cloud identity data, monitor activity, and assess the potential impact of compromised endpoints on cloud privileges. By bilaterally sharing threat signals and enabling response actions across the CrowdStrike and Rezonate platforms, security teams can detect and block lateral movement between on-premises and cloud environments, stopping attacks at any stage.

### Unified detection and response orchestration

Bilaterally share real-time threat signals from CrowdStrike and IOCs from Rezonate across platforms to improve threat detection and prevention of lateral movement, account takeovers, and cloud/SaaS privilege abuse

### Blast radius analysis

Extend the discovery of identities and privileges from CrowdStrike Falcon® Identity Protection across cloud, SaaS, and identity providers to enhance containment and minimize the damage of a potential attack

### Identity and access investigation

Streamline investigation of suspicious user and machine activities across cloud infrastructure, SaaS, and identity providers with shared real-time monitoring insights from Rezonate in the Falcon platform

<figure><img src="/files/cBLp5Yo6A6Ehn14udllN" alt=""><figcaption><p>ITDR Detection - Example, Rezonate.</p></figcaption></figure>

### Adding the integration

1. Set up the integration as defined in the [Integrating Permissions](/core-integrations/crowdstrike-integration/integrating-permissions.md).
2. Browse to the Rezonate Integration Page, and select the "Add new integration" button
3. Select CrowdStrike and fill out the form (Enter Account ID, And afterwards, the relevant API Key)

<figure><img src="/files/2I95GdLHiy3AwWwIncTE" alt=""><figcaption></figcaption></figure>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://kb.rezonate.io/core-integrations/crowdstrike-integration.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.