Crowdstrike Falcon Intelligence
Last updated
Last updated
Crowdstrike Falcon Intelligence is a Threat Intelligence (TI) integration. TI Data Source integrations are used during investigations to improve analysis and in interactive chat to help answer questions. They are optional, but enabling more tooling integrations enhances Dropzone analysis.
The Dropzone platform supports Crowdstrike Falcon Intelligence to determine if entities such as domains, IPs, URLs, or files are malicous. Dropzone uses Pangea to get access to Crowdstrike Falcon Intelligence.
Crowdstrike Falcon Intelligence requires a Pangea API to enable.
To obtain an API Key, do the following:
In the upper left corner of Pangea, click the menu icon
Navigate to "File Scan"
Copy the default token under "Configuration Details" for use later in the Dropzone UI where it is called "Pangea API Token"
To enable the Data Source integration, do the following:
Navigate to your Dropzone AI tenant home page e.g. https://mycompany.dropzone.ai
Click System > Integrations
Click "Data Sources" in the top left corner
In the THREAT INTEL section, find the CrowdStrike Falcon Intelligence tile and click "Connect"
Input the API Token
Click "Test & Save" to finish
If you have any errors engage your Dropzone AI support representative.
