Hybrid Analysis
Hybrid Analysis is a Threat Intelligence (TI) integration. TI Data Source integrations are used during investigations to improve analysis and in interactive chat to help answer questions. They are optional, but enabling more tooling integrations enhances Dropzone analysis.
The Dropzone AI Platform integrates with Hybrid Analysis to perform file and URL analysis across several threat intelligence sources, including CrowdStrike Falcon Static Analysis (ML), Metadefender AV scan, and VirusTotal.
Create an API Key
Hybrid Analysis requires an API key to enable.
To obtain an API Key, do the following:
In the homepage of Hybrid Analysis, click on your name in the upper right hand corner and navigate to Profile
Navigate to API Key
Click "Create API Key"
Copy the API Key and Secret, and store in a safe location. You will not need the API Secret to integrate with Dropzone
Enable Hybrid Analysis
To enable the Data Source integration, do the following:
Navigate to your Dropzone AI tenant home page e.g. https://mycompany.dropzone.ai
Click System > Integrations
Click "Data Sources" in the top left corner
In the THREAT INTEL section, find the Hybrid Analysis tile and click "Connect"
Input the API Key
Click "Test & Save"
If you have any errors engage your Dropzone AI support representative.
Last updated