US 12,470,565 B1
Fine-grained access to system commands run via an installed agent application
Suraj Chafle, San Jose, CA (US); Robert Batzloff, Danville, CA (US); Emily Thompson, Apex, NC (US); and Ashley Federoff, Los Angeles, CA (US)
Assigned to CrowdStrike, Inc., Sunnyvale, CA (US)
Filed by CrowdStrike, Inc., Sunnyvale, CA (US)
Filed on Dec. 10, 2024, as Appl. No. 18/975,533.
Int. Cl. H04L 9/40 (2022.01)
CPC H04L 63/105 (2013.01) 20 Claims
OG exemplary drawing
 
1. A method, comprising:
receiving, from an agent application, a user identifier and an indication of an agent application command with respect to a target endpoint, wherein the agent application command is included in a plurality of agent application commands assigned to a first user type that is different from a second user type corresponding to the user identifier;
determining that the second user type lacks permission to execute the plurality of agent application commands assigned to the first user type;
mapping, by a processing device, the agent application command to a permission level assigned to the agent application command based on the determination that the second user type lacks the permission;
determining, based on the mapping, that the permission level is assigned to the user identifier; and
enabling, based on the determination that the second user type lacks the permission to execute the plurality of agent application commands and based the determination that the permission level is assigned to the user identifier, the agent application to execute the agent application command with respect to the target endpoint.