Hybrid Analysis

Hybrid Analysis is a Threat Intelligence (TI) integration. TI Data Source integrations are used during investigations to improve analysis and in interactive chat to help answer questions. They are optional, but enabling more tooling integrations enhances Dropzone analysis.

The Dropzone AI Platform integrates with Hybrid Analysis to perform file and URL analysis across several threat intelligence sources, including CrowdStrike Falcon Static Analysis (ML), Metadefender AV scan, and VirusTotal.

Create an API Key

Hybrid Analysis requires an API key to enable.

To obtain an API Key, do the following:

  • In the homepage of Hybrid Analysis, click on your name in the upper right hand corner and navigate to Profile

  • Navigate to API Key

  • Click "Create API Key"

  • Copy the API Key and Secret, and store in a safe location. You will not need the API Secret to integrate with Dropzone

Enable Hybrid Analysis

To enable the Data Source integration, do the following:

  • Navigate to your Dropzone AI tenant home page e.g. https://mycompany.dropzone.ai

  • Click System > Integrations

  • Click "Data Sources" in the top left corner

  • In the THREAT INTEL section, find the Hybrid Analysis tile and click "Connect"

  • Input the API Key

  • Click "Test & Save"

If you have any errors engage your Dropzone AI support representative.

Last updated