Findings
Generator
Configuration
Lucidum Reverse
Architecture
Statistics
← All Findings
Vendor:
CrowdStrike Falcon
FIN-579
Weight:
5
4
3
2
1
Confidence:
High
Medium
Low
Edited:
2026-03-06 18:14
Verified
What It Detects
Asset is not assigned to any CrowdStrike Falcon host group. Host groups are the primary mechanism for assigning prevention policies, sensor update policies, and device control policies in CrowdStrike. Assets without group assignment receive only the platform default policy, which typically has weaker prevention settings and may not enforce organization-specific security requirements.
MITRE ATT&CK Techniques
Comma-separated, e.g. T1078, T1190
Checks
read-only
Field
Operator
Value
Asset Groups
is_empty
Remediation
×
×
×
×
×
+ Add item
Why It Matters
×
×
×
+ Add item
Save Changes
Export Lucidum