Vendor: CrowdStrike Falcon
FIN-592
Edited: 2026-03-06 18:14
Verified
What It Detects
Asset is not IT-managed (shadow IT) AND has active threat detections. This creates critical compound risk because there is no assigned owner or team responsible for responding to the threats. On a managed asset, threat detections trigger established incident response workflows with assigned responders. On an unmanaged asset, active threats can persist indefinitely with no one accountable for containment, investigation, or remediation.
Checks

Field | Operator | Value
IT Managed (True/False) | equals | False
Threat List | not_empty |