CMU has a writeup on what it is, and why it is being deployed across the University.
Taken directly from https://www.cmu.edu/computing/services/security/secure/epdr.html
“The endpoint prevention, detection, and response service combines a software solution, CrowdStrike, for detecting and stopping malware and malicious behavior with centralized alerting, monitoring, and response services. It allows Computing Services to identify and stop suspicious behavior, investigate it, contain damage, and return to normal operations.”
“As of August 31, 2023, CrowdStrike is mandatory for all servers used for university business, research, and education unless contracts, consent forms, or other agreements prohibit it. This mandate reflects the current tolerance for security risk by university leadership. As the university continues a risk-based deployment approach, university-owned workstations (desktops and laptops) may become mandatory for CrowdStrike installation.”
FAQ:
General FAQ, please visit: https://www.cmu.edu/computing/services/security/secure/epdr.html
“CrowdStrike is designed to prevent behavior it determines to be malicious. If the sensor blocks an application or network connection, you will receive a pop-up notification that malicious behavior was detected. These notifications are simultaneously reported to the Information Security Office (ISO) for analysis. If further investigation or remediation is necessary, an ISO staff member or your local departmental security administrator will contact you. If the issue is causing a work stoppage, please contact the ISO or iso-ir@andrew.cmu.edu immediately.”
FAQ for ECE community members:
If your device is managed by ECE ITS, we will be taking care of this for you in line with the University guidelines.
If you have unmanaged device within ECE space and wish to install for the ECE Unmanaged CID, see below.
Adding the ECE Unmanaged CID & tag with AndrewID (ISO can easily identify who to notify)
If you don’t want to be within the ECE Unmanaged CID, please install from CMU OnTheHUB
For specific questions/concerns related to ECE Community contact us at mailto:help+epdr@ece.cmu.edu
For general questions, concerns please reach out to CMU Information Security Office (ISO)