Dropzone AI Documentation
WebsiteTest Drive
  • Dropzone Documentation
  • Overview
    • Alert Sources
    • Data Sources
    • Communicators
    • On-prem Support - Dropzone Connector
    • Interactive Chat
    • Metrics Guide
  • Dropzone Administraton
    • Team Admin
      • Google Workspace SAML
      • Okta SAML
  • Dropzone Integrations
    • Alert + Data Source Integrations
      • Amazon Web Services (AWS)
        • Cross-Account Access via CloudFormation
        • Cross-Account Access via Console
      • CrowdStrike
      • Datadog
      • Elasticsearch
      • Google Workspace
      • Google GCP
      • Jira
      • Microsoft 365 / Microsoft Defender
      • Palo Alto Networks Firewall
      • Panther
      • SentinelOne
      • Splunk
      • Sumo Logic
    • Alert Integrations
      • Gem
    • Communicators
      • Slack Communicator
    • Data Source Integrations
      • AbuseIPDB
      • Active Directory (LDAP)
      • Archive Inspector
      • Blocklist.de
      • CAPA
      • Censys
      • Crowdstrike Falcon Intelligence
      • DNSResolver
      • File
      • GreyNoise
      • Hybrid Analysis
      • Host.io
      • IPInfo.io
      • IPQualityScore
      • MalwareBazaar
      • Nuclei
      • NVD
      • Okta
      • oletools
      • OpenSSL Sign Code
      • PDF Analysis
      • Perplexity AI
      • PhishTank
      • Shodan
      • TShark
      • QRadar
      • UnshortenMe
      • URLhaus
      • Urlscan.io
      • VirusTotal
      • Vision
      • WHOIS
      • YARAify
Powered by GitBook
On this page
  • Create an API Key
  • Enable Crowdstrike Falcon Intelligence

Was this helpful?

  1. Dropzone Integrations
  2. Data Source Integrations

Crowdstrike Falcon Intelligence

PreviousCensysNextDNSResolver

Last updated 3 months ago

Was this helpful?

Crowdstrike Falcon Intelligence is a Threat Intelligence (TI) integration. TI Data Source integrations are used during investigations to improve analysis and in interactive chat to help answer questions. They are optional, but enabling more tooling integrations enhances Dropzone analysis.

The Dropzone platform supports Crowdstrike Falcon Intelligence to determine if entities such as domains, IPs, URLs, or files are malicous. Dropzone uses to get access to Crowdstrike Falcon Intelligence.

Create an API Key

Crowdstrike Falcon Intelligence requires a Pangea API to enable.

To obtain an API Key, do the following:

  • In the upper left corner of Pangea, click the menu icon

  • Navigate to "File Scan"

  • Copy the default token under "Configuration Details" for use later in the Dropzone UI where it is called "Pangea API Token"

Enable Crowdstrike Falcon Intelligence

To enable the Data Source integration, do the following:

  • Navigate to your Dropzone AI tenant home page e.g. https://mycompany.dropzone.ai

  • Click System > Integrations

  • Click "Available"

  • In the Search bar, search Crowdstrike Falcon Intelligence, then click "Configure"

  • Input the Pangea API Token

  • Click "Test & Save" to finish

If you have any errors engage your Dropzone AI support representative.

Pangea
Open the Menu
Navigate to "File Scan"
Copy API Token
Integrations Dropdown
Click Available
The CrowdStrike Falcon Intelligence Data Tile
The Crowdstrike Falcon Intelligence Data Source Configuration