In this article:

    Applicable to:

    • Twingate Component:  Client | Device Security | Crowdstrike
    • Platform: macOS | Windows

    Overview

    CrowdStrike is connected and working but not detected by Twingate.

    Symptoms

    • CrowdStrike is successfully installed on the host and is reporting into the CrowdStrike dashboard.
    • The same device/host in Twingate shows "CrowdStrike not detected" status.

     

    Cause

    The CrowdStrike Zero Trust Assessment feature for Third Parties is likely not fully enabled or configured. This integration requires that the CrowdStrike Falcon Zero Trust Assessment feature is enabled and third parties are allowed directly with CrowdStrike. Without this feature, and providing CrowdStrike the CID for third party that needs to be enabled, the the ZTA file described below will not be deployed on devices, or can be seen with 0kb.

    See CrowdStrike Configuration for further information.

     

    Troubleshooting

    • Verify the data.zta file in the below corresponding directories is neither missing nor empty.
      macOS: /Library/Application Support/Crowdstrike/ZeroTrustAssessment/
      Windows: %ProgramData%\CrowdStrike\ZeroTrustAsssessment\

    Resolution

    Enable the CrowdStrike Zero Trust Assessment feature and share the CID with CrowdStrike for the Twingate integration. CrowdStrike customers can ask that this functionality be enabled by reaching out to the CrowdStrike customer support team directly.