Findings
Generator
Configuration
Lucidum Reverse
Architecture
Statistics
← All Findings
Vendor:
CrowdStrike Falcon
FIN-611
Weight:
5
4
3
2
1
Confidence:
High
Medium
Low
Edited:
2026-03-06 18:15
Verified
What It Detects
An internet-facing asset has active high-severity threat detections in CrowdStrike Falcon. While not classified as critical, high-severity detections on externally reachable hosts indicate significant compromise risk. The internet exposure provides attackers with direct network access for command-and-control, lateral movement staging, or data exfiltration. High-severity detections on internet-facing assets require elevated response priority compared to the same detections on internal-only hosts.
MITRE ATT&CK Techniques
Comma-separated, e.g. T1078, T1190
Checks
read-only
Field
Operator
Value
High Severity Threat List
not_empty
Public IP Address
not_empty
Remediation
×
×
×
×
+ Add item
Why It Matters
×
×
×
+ Add item
Save Changes
Export Lucidum