Dropzone AI Documentation
WebsiteTest Drive
  • Dropzone Documentation
  • Overview
    • Alert Sources
    • Data Sources
    • Communicators
    • On-prem Support - Dropzone Connector
    • Interactive Chat
    • Metrics Guide
  • Dropzone Administraton
    • Team Admin
      • Google Workspace SAML
      • Okta SAML
  • Dropzone Integrations
    • Alert + Data Source Integrations
      • Amazon Web Services (AWS)
        • Cross-Account Access via CloudFormation
        • Cross-Account Access via Console
      • CrowdStrike
      • Datadog
      • Elasticsearch
      • Google Workspace
      • Google GCP
      • Jira
      • Microsoft (MS 365 etc)
        • Microsoft 365 / Microsoft Defender
        • Microsoft Sentinel
        • Microsoft 365 Exchange Online Management
      • Palo Alto Networks Firewall
      • Panther
      • QRadar
      • SentinelOne
      • Splunk
      • Sumo Logic
    • Alert Integrations
      • Gem
      • ServiceNow
    • Communicators
      • Microsoft Teams
      • Slack Communicator
    • Data Source Integrations
      • AbuseIPDB
      • Active Directory (LDAP)
      • Archive Inspector
      • Blocklist.de
      • CAPA
      • Censys
      • Crowdstrike Falcon Intelligence
      • DNSResolver
      • Dropzone URL Sandbox
      • EchoTrail
      • File
      • GreyNoise
      • Hybrid Analysis
      • Host.io
      • IPInfo.io
      • IPQualityScore
      • MalwareBazaar
      • Nuclei
      • NVD
      • Okta
      • oletools
      • OpenSSL Sign Code
      • PDF Analysis
      • Perplexity AI
      • PhishTank
      • Shodan
      • TShark
      • QRadar
      • UnshortenMe
      • URLhaus
      • Urlscan.io
      • VirusTotal
      • Vision
      • WHOIS
      • YARAify
Powered by GitBook
On this page
  • Create an API Key
  • Enable Hybrid Analysis

Was this helpful?

  1. Dropzone Integrations
  2. Data Source Integrations

Hybrid Analysis

PreviousGreyNoiseNextHost.io

Last updated 2 days ago

Was this helpful?

Hybrid Analysis is a Threat Intelligence (TI) integration. TI Data Source integrations are used during investigations to improve analysis and in interactive chat to help answer questions. They are optional, but enabling more tooling integrations enhances Dropzone analysis.

The Dropzone AI Platform integrates with Hybrid Analysis to perform file and URL analysis across several threat intelligence sources, including CrowdStrike Falcon Static Analysis (ML), Metadefender AV scan, and VirusTotal.

Create an API Key

Hybrid Analysis requires an API key to enable.

To obtain an API Key, do the following:

  • In the homepage of Hybrid Analysis, click on your name in the upper right hand corner and navigate to Profile

  • Navigate to API Key

  • Click "Create API Key"

  • Copy the API Key for use later in the Dropzone UI where it is called "API key"

You will not need the API Secret to integrate with Dropzone AI.

Enable Hybrid Analysis

To enable the Data Source integration, do the following:

  • Navigate to your Dropzone AI tenant home page e.g. https://mycompany.dropzone.app

  • In the bottom left hand corner, click Settings > Integrations

  • Click "Available"

  • In the Search bar, search Hybrid Analysis, then click "Configure"

  • Input the API key

  • Click "Test & Save" to finish

If you have any errors engage your Dropzone AI support representative.

Navigate to Profile
Click API Key
Create API Key
Copy the API Key
Integrations Dropdown
Click Available
The Hybrid Analysis Data Tile
The Hybrid Analysis Data Source Configuration