How to install and activate Crowdstrike Falcon Antivirus on a MacBook

A simple guide to installing and activating Crowdstrike Falcon antivirus on laptops running macOS. Note that the procedure depends on the client's requirements; the steps below are specific to Xendit.

Crowdstrike Falcon Antivirus Installation

1. Click this link, or open a browser (such as Safari) and paste the link into the address bar: https://drive.google.com/file/d/1AP1zqxbVJMYGFLPS8ssOOZDMvZu_Sbc_/view?usp=share_link

Important Note: When accessing your Google Drive on a client computer, make sure to use a Private/Incognito window.

2. Click the Download button. A message will appear saying that Google Drive can't scan this file for viruses; click Download Anyway, then select Allow when asked to proceed with the download.

3. Wait until the download is completed, then go to the Downloads folder and double-click FalconSensorMacOS.MaverickGyr-[version].pkg

4. An installation window will appear; click Continue, then Install.

5. Enter your password when prompted to allow the installation.

6. A message will show once the installation is completed.

7. Validate by checking for the Falcon icon in the Launchpad.


Or watch this video:

https://drive.google.com/file/d/1X5UvQlEO_G5LC5hJ7XA8q46TdXguURLr/view?usp=sharing


Crowdstrike Falcon Antivirus Activation


1. Go to Launchpad

2. Look for Terminal

3. Then enter the command shown below to activate the Falcon sensor:

sudo /Applications/Falcon.app/Contents/Resources/falconctl license EDR_CID EDR_Token

EDR_CID and EDR_Token are placeholders; the actual values are provided by the client to the Esevel IT Admin.

4. After entering the command, type the computer account password, then press Enter.

5. A prompt will appear; click Allow.

6. A prompt will appear that says System Extension Blocked; click OK.

7. Allow apps installation:

8. Grant Falcon app Full Disk Access:

Crowdstrike Falcon Antivirus Validation

1. Go to Launchpad

2. Look for Terminal

3. Then enter the command shown below:

sudo /Applications/Falcon.app/Contents/Resources/falconctl stats

The state in the “Cloud Info” section should be shown as “Connected”.
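
The manual check above can also be scripted for use across several laptops. The following is an added example, not code from CrowdStrike or from this guide's author: the helper name check_cloud_state is hypothetical, the sample inputs are constructed, and the output layout (section header lines without a colon, followed by "Key: value" lines) is an assumption.

```shell
#!/bin/sh
# Added example (not CrowdStrike or Esevel code).
# Assumption: `falconctl stats` output consists of section header lines that
# contain no colon (e.g. "=== Cloud Info ===") followed by "Key: value" lines.

# Constructed sample inputs, not captured from a real sensor.
SAMPLE_CONNECTED='=== Cloud Info ===
Host: example.invalid
State: connected'

SAMPLE_DISCONNECTED='=== Other Section ===
State: connected

=== Cloud Info ===
Host: example.invalid
State: disconnected'

# check_cloud_state (hypothetical helper): reads stats output on stdin.
# Exit status: 0 = Cloud Info state is "connected"
#              1 = Cloud Info reports another state
#              2 = no Cloud Info section or no State line found
check_cloud_state() {
    awk '
        /^[ \t]*$/ { next }                      # skip blank lines
        !/:/ {                                   # header line: track section
            in_cloud = (tolower($0) ~ /cloud info/)
            next
        }
        in_cloud && tolower($0) ~ /^[ \t]*state[ \t]*:/ {
            val = $0
            sub(/^[^:]*:[ \t]*/, "", val)        # drop the "State:" prefix
            sub(/[ \t\r]+$/, "", val)            # drop trailing whitespace
            state = tolower(val)
            found = 1
            exit                                 # jump to END
        }
        END {
            if (!found) exit 2
            exit ((state == "connected") ? 0 : 1)
        }
    '
}

# On the Mac itself:
#   sudo /Applications/Falcon.app/Contents/Resources/falconctl stats | check_cloud_state
```

A non-zero exit status means the sensor should be rechecked by hand with the validation steps above before the laptop is handed over.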