WebsiteTest Drive

Hybrid Analysis

Hybrid Analysis is a Threat Intelligence (TI) integration. TI Data Source integrations are used during investigations to improve analysis and in interactive chat to help answer questions. They are optional, but enabling more tooling integrations enhances Dropzone analysis.

The Dropzone AI Platform integrates with Hybrid Analysis to perform file and URL analysis across several threat intelligence sources, including CrowdStrike Falcon Static Analysis (ML), Metadefender AV scan, and VirusTotal.

Create an API Key

Hybrid Analysis requires an API key to enable.

To obtain an API Key, do the following:

  • In the homepage of Hybrid Analysis, click on your name in the upper right hand corner and navigate to Profile

Navigate to Profile

  • Navigate to API Key

Click API Key

  • Click "Create API Key"

Create API Key

  • Copy the API Key for use later in the Dropzone UI where it is called "API key"

You will not need the API Secret to integrate with Dropzone AI.

Copy the API Key

Enable Hybrid Analysis

To enable the Data Source integration, do the following:

  • Navigate to your Dropzone AI tenant home page e.g. https://mycompany.dropzone.app

  • In the bottom left hand corner, click Settings > Integrations

Integrations Dropdown

  • Click "Available"

Click Available

  • In the Search bar, search Hybrid Analysis, then click "Configure"

The Hybrid Analysis Data Tile

  • Input the API key

  • Click "Test & Save" to finish

The Hybrid Analysis Data Source Configuration

If you have any errors engage your Dropzone AI support representative.

PreviousGreyNoiseNextHost.io

Last updated

Was this helpful?