Identity Protection
Accessing and managing CrowdStrike Falcon Identity Protection capabilities
API Scopes
Section titled “API Scopes”Identity Protection Assessment:readIdentity Protection Detections:readIdentity Protection Entities:readIdentity Protection Timeline:readIdentity Protection GraphQL:write
falcon_investigate_entity
Section titled “falcon_investigate_entity”Required scopes: Identity Protection Assessment:read, Identity Protection Detections:read, Identity Protection Entities:read, Identity Protection Timeline:read, Identity Protection GraphQL:write
Comprehensive entity investigation tool.
This tool provides complete entity investigation capabilities including:
- Entity search and details lookup
- Activity timeline analysis
- Relationship and association mapping
- Risk assessment