Add Crowdstrike ZTA description (#181)

netbirdio · Apr 19, 2024 · 52d4355 · 52d4355
1 parent fe6878c
commit 52d4355
Show file tree

Hide file tree

Showing 5 changed files with 15 additions and 5 deletions.
diff --git a/public/docs-static/img/how-to-guides/crowdstrike-groups-zta.png b/public/docs-static/img/how-to-guides/crowdstrike-groups-zta.png
diff --git a/public/docs-static/img/how-to-guides/crowdstrike-groups.png b/public/docs-static/img/how-to-guides/crowdstrike-groups.png
diff --git a/src/components/NavigationDocs.jsx b/src/components/NavigationDocs.jsx
@@ -105,7 +105,7 @@ export const docsNavigation = [
                  {title: 'Activity event streaming', href: '/how-to/activity-event-streaming-to-siem-systems' },
                  {title: 'Identity provider sync', href: '/how-to/idp-sync' },
                  {title: 'Enable post quantum cryptography', href: '/how-to/enable-post-quantum-cryptography' },
-                 {title: 'Endpoint Detection and Response (EDR)', href: '/how-to/endpoint-detection-and-response' },
+                 {title: 'Endpoint detection and response (EDR)', href: '/how-to/endpoint-detection-and-response' },
              ]
          },
 

diff --git a/src/pages/how-to/approve-peers.mdx b/src/pages/how-to/approve-peers.mdx
@@ -29,6 +29,11 @@ To approve a peer, navigate to the [peers tab](https://app.netbird.io/peers) and
     <img src="/docs-static/img/how-to-guides/peer-needs-approval.png" alt="peer-needs-approval" className="imagewrapper"/>
 </p>
 
+## Automate peer approval with EDR integrations
+NetBird integrates with popular EDR solutions like [CrowdStrike](https://www.crowdstrike.com/) to automate peer approval
+and allow only trusted devices to join the network.
+Check the [EDR integrations](/how-to/endpoint-detection-and-response) guide for more information on how to enable this feature.
+
 ## Get started
 <p float="center" >
     <Button name="button" className="button-5" onClick={() => window.open("https://netbird.io/pricing")}>Use NetBird</Button>

diff --git a/src/pages/how-to/endpoint-detection-and-response.mdx b/src/pages/how-to/endpoint-detection-and-response.mdx
@@ -1,4 +1,4 @@
-# Endpoint Detection and Response (EDR)
+# Endpoint detection and response (EDR)
 
 Endpoint Detection and Response (EDR) is a cybersecurity technology designed to help organizations detect, investigate,
 and respond to threats on endpoint devices. An endpoint is any device that is connected to a network, such as laptops,
@@ -12,6 +12,9 @@ NetBird integrates with major EDR platforms to restrict network access only to d
 With the integration enabled, NetBird synchronizes the list of devices managed by the EDR platform via the API and
 checks the presence of the EDR agent on the device, blocking access to the network if the agent is not installed.
 
+In addition to the aforementioned features, the system also has the capability to check the Zero Trust Assessment (ZTA) score of the hosts.
+The system can limit network access based on this ZTA score. For instance, if a device has a ZTA score below the set threshold, it may be deemed too risky and thus, denied access to the network.
+
 NetBird doesn't apply the EDR checks to all devices in the network. Instead, you can select specific groups of devices for
 the checks to apply.
 
@@ -31,6 +34,7 @@ Before you start creating and configuring a CrowdStrike integration, ensure that
 - Navigate to the [API clients and keys](https://falcon.eu-1.crowdstrike.com/api-clients-and-keys/) page
 - Click `Create API client` at the top, right corner
 - Set Hosts - Read permission
+- Set Zero Trust Assessment - Read permission
 - Click `Create`
 - Copy the credentials. You will need these credentials when configuring an integration in NetBird.
 
@@ -50,13 +54,14 @@ Before you start creating and configuring a CrowdStrike integration, ensure that
 <p>
     <img src="/docs-static/img/how-to-guides/crowdstrike-credentials.png" alt="crowdstrike-credentials" className="imagewrapper"/>
 </p>
-- Select groups you want to apply the integration to and click `Connect`.
+- Select groups you want to apply the integration to 
+- If you would like to apply a ZTA threshold, then enable the [Zero Trust Assessment Score](https://www.crowdstrike.com/blog/tech-center/securing-private-applications-with-crowdstrike-zero-trust-assessment-and-aws-verified-access/) and set the desired limit, and click `Connect`.
 <p>
-    <img src="/docs-static/img/how-to-guides/crowdstrike-groups.png" alt="crowdstrike-groups" className="imagewrapper"/>
+    <img src="/docs-static/img/how-to-guides/crowdstrike-groups-zta.png" alt="crowdstrike-groups-zta" className="imagewrapper"/>
 </p>
 
 <Note>
-    The EDR check will apply only to machines in the selected groups and will require the presence of the CrowdStrike agent.
+    The EDR check will apply only to machines in the selected groups and will require a running CrowdStrike agent.
 </Note>
 <Note>
     You can also use groups [synchronized from your Identity Provider (IdP)](/how-to/idp-sync).