CrowdStrike Containment Pending on Internet-Facing Asset

← All Findings

Vendor: CrowdStrike Falcon FIN-608 Weight: Confidence: Edited: 2026-03-06 18:15 Verified

What It Detects

MITRE ATT&CK Techniques

Comma-separated, e.g. T1078, T1190

Checks read-only

Field	Operator	Value
`Status`	equals	containment_pending
`Public IP Address`	not_empty

Remediation

Why It Matters