Skip to content

CrowdStrike

SailPoint Entro integrates with CrowdStrike to detect unauthorized machine credentials, enrich device data, discover AI Agents, and identify Non‑Human Identities (NHIs) linked to Active Directory or unmanaged endpoints.


Integration Scope

  • Device enrichment and NHI mapping

  • Unauthorized MCPs detection

  • Real‑time response and incident data ingestion

Management → Accounts & Integrations → Add New Account → CrowdStrike

Authentication

  • Integration uses an API Client ID and Secret generated from the CrowdStrike console.

Architecture

Entro Security Cloud
   ↕ (HTTPS/TLS 1.2+)
CrowdStrike Falcon Platform (API)

Security & Compliance

  • All API tokens are AES‑256 encrypted.

  • TLS 1.2+ enforced for all communications.

  • SailPoint Entro operates in a read‑only, non‑intrusive mode.