In the event of a Ransomware event, it is recommended that you lock down the Firewall and to have the following IPs whitelisted in your Firewall to allow the CS Agent to still communicate with the CS Cloud, which allows the Overwatch team to be able to respond to the incident.
All communications between the CS Agent and the CS Cloud occur over port 443 (outbound only).
For more information about CrowdStrike IPs(All MiSecure CIDs are under US-2): Cloud IP Addresses & FQDNS