Skip to main content
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products

How to View Dell Trusted Device BIOS Verification Results in CrowdStrike Falcon

Summary: Dell Trusted Device BIOS Verification telemetry can be integrated with the CrowdStrike Falcon platform using the following configuration details.

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.

Instructions

Note: The v7.17 Falcon Sensor is available using the Early Adopter setting in the Sensor Update Policies.

The BIOS Verification telemetry of Dell Trusted Device can be integrated with the CrowdStrike Falcon platform. This provides administrators the ability to view the BIOS verification statuses of their endpoints in CrowdStrike Falcon.


Affected Products:

  • CrowdStrike
  • Dell Trusted Device

Affected Versions:

  • CrowdStrike Falcon version 7.17 and later
  • Dell Trusted Device version 6.3 and later

Affected Hardware:

  • Latitude
  • OptiPlex
  • Precision
  • XPS

Affected Operating Systems:

  • Windows 11
  • Windows 10

An administrator may configure the environment for BIOS Verification Results in CrowdStrike Falcon. Once configured, CrowdStrike Falcon Insight-enabled environments can then Leverage CrowdStrike Falcon Insight Next-Gen SIEM for customizable information. Select the appropriate topic for more information about how to configure it.

BIOS Verification Results in CrowdStrike Falcon

  1. Install Dell Trusted Device.
    Note: For more information about installing Dell Trusted Device, reference How to Install Dell Trusted Device.
  2. Install CrowdStrike Falcon Sensor.
    Note: For more information about installing CrowdStrike Falcon Sensor, reference How to Install CrowdStrike Falcon Sensor.
  3. In either a Google Chrome or Microsoft Edge browser, go to your Falcon Console login URL.
  4. Log in to the Falcon Console.
    Logging in to the Falcon Console.
  5. From the left menu pane, click Investigate and then select BIOS Prevalence.
    Selecting Investigate and then BIOS Prevalence
  6. Once the BIOS Prevalence dashboard loads, Dell computers with both Dell Trusted Device and the CrowdStrike Falcon sensor installed begin reporting enhanced telemetry data represented on this dashboard with the Manufacturer Verified field.
    Enhanced telemetry data is located in the Manufacturer Verified field

Leverage CrowdStrike Falcon Insight Next-Gen SIEM

CrowdStrike Falcon Insight-enabled environments can leverage Next-Gen SIEM for customizable searches and reports.

  1. In either a Google Chrome or Microsoft Edge browser, go to your Falcon Console login URL.
  2. From the left menu pane, click Next-Gen SIEM and then select Event search.
    Clicking Next-Gen SIEM and then Event search from the left menu pane
  3. In the Match field:
    1. In the first field, type and then select DellTrustedDeviceBIOSVerificationResult.
    2. In the second field, select is equal to.
    3. In the third field, select the appropriate result:
      • INVALID
      • BIOS_ANALYZED_RESULT_PASS
      • BIOS_ANALYZED_RESULT_FAIL
      • BIOS_NOT_ANALYZED_RESULT_UNAVAILABLE
    Filling out the Match fields
  4. Click the Run query button to perform the search using the search parameters selected (Step 3).
    Run query button

To contact support, reference Dell Data Security International Support Phone Numbers.
Go to TechDirect to generate a technical support request online.
For additional insights and resources, join the Dell Security Community Forum.

Affected Products

OptiPlex, XPS, Latitude, XPS, Fixed Workstations, Mobile Workstations, CrowdStrike, Dell Trusted Device
Article Properties
Article Number: 000226602
Article Type: How To
Last Modified: 27 Sep 2024
Version:  4
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.