Hybrid Analysis is a Threat Intelligence (TI) integration. TI Data Source integrations are used during investigations to improve analysis and in interactive chat to help answer questions. They are optional, but enabling more tooling integrations enhances Dropzone analysis.
The Dropzone AI Platform integrates with Hybrid Analysis to perform file and URL analysis across several threat intelligence sources, including CrowdStrike Falcon Static Analysis (ML), Metadefender AV scan, and VirusTotal.
Create an API Key
Hybrid Analysis requires an API key to enable.
To obtain an API Key, do the following:
In the homepage of Hybrid Analysis, click on your name in the upper right hand corner and navigate to Profile
Navigate to Profile
Navigate to API Key
Click API Key
Click "Create API Key"
Create API Key
Copy the API Key for use later in the Dropzone UI where it is called "API key"
You will not need the API Secret to integrate with Dropzone AI.
Copy the API Key
Enable Hybrid Analysis
To enable the Data Source integration, do the following:
Navigate to your Dropzone AI tenant home page e.g. https://mycompany.dropzone.app
In the bottom left hand corner, click Settings > Integrations
Integrations Dropdown
Click "Available"
Click Available
In the Search bar, search Hybrid Analysis, then click "Configure"
The Hybrid Analysis Data Tile
Input the API key
Click "Test & Save" to finish
The Hybrid Analysis Data Source Configuration
If you have any errors engage your Dropzone AI support representative.
