CrowdStrike Falcon Intelligence Integration User Guide
  • 10 Aug 2022
  • 1 Minute to read
  • Dark
    Light

CrowdStrike Falcon Intelligence Integration User Guide

  • Dark
    Light

CrowdStrike® Falcon Intelligence™ provides enterprises with insights into the identity, motives, and techniques of advanced adversaries through strategic, customized, and actionable intelligence. It enables organizations to prioritize resources by differentiating between targeted and commodity attacks, saving time and allowing resources to be focused on critical threats. The insights Falcon Intelligence provides into adversary tools, tactics, and procedures (TTPs) enable analysts to identify pending attacks and automatically feed threat intelligence via API, SIEM, and third-party security tools.

The ThreatConnect® integration with CrowdStrike Falcon Intelligence allows ThreatConnect customers to import information Reports, Indicators, and Actors, along with all of their context, from the CrowdStrike Falcon Intelligence feed into ThreatConnect.

The following Indicator types are currently supported: Address, Email Address, File, Host, URL, Email Subject, Mutex, and Registry Key. Indicators are associated with Reports and Adversaries in ThreatConnect. Reports are also associated with Adversaries in ThreatConnect.

 

Your browser does not support PDF.click here to download

 


ThreatConnect® is a registered trademark of ThreatConnect, Inc.
CrowdStrike® is a registered trademark, and CrowdStrike Falcon Intelligence™ is a trademark, of CrowdStrike, Inc.

Attachments

Was this article helpful?