Hybrid Analysis
Last updated
Last updated
Hybrid Analysis is a Threat Intelligence (TI) integration. TI Data Source integrations are used during investigations to improve analysis and in interactive chat to help answer questions. They are optional, but enabling more tooling integrations enhances Dropzone analysis.
The Dropzone AI Platform integrates with Hybrid Analysis to perform file and URL analysis across several threat intelligence sources, including CrowdStrike Falcon Static Analysis (ML), Metadefender AV scan, and VirusTotal.
Hybrid Analysis requires an API key to enable.
To obtain an API Key, do the following:
In the homepage of Hybrid Analysis, click on your name in the upper right hand corner and navigate to Profile
Navigate to API Key
Click "Create API Key"
Copy the API Key and Secret, and store in a safe location. You will not need the API Secret to integrate with Dropzone
To enable the Data Source integration, do the following:
Navigate to your Dropzone AI tenant home page e.g. https://mycompany.dropzone.ai
Click System > Integrations
Click "Data Sources" in the top left corner
In the THREAT INTEL section, find the Hybrid Analysis tile and click "Connect"
Input the API Key
Click "Test & Save"
If you have any errors engage your Dropzone AI support representative.
