CrowdStrike Falcon Insights

The integration between CrowdStrike Falcon Insights and ThreatConnect allows users to discover and investigate both current and historic endpoint activity within seconds of ThreatConnect sending an indicator to CrowdStrike Falcon Insights. With this integration you can:

Provides ThreatConnect users the ability to send all indicators, including third-party IOCs to CrowdStrike Falcon Insights for alerting.
Allows indicator filtering, giving users full control of which ThreatConnect indicators are sent to CrowdStrike.
Ensures users are working with the most relevant data for their organization.
Grants full visibility into current and historic endpoint activity, so you can identify exactly which endpoints are vulnerable to specific indicators.
Allows users to take the following automated actions with these Playbook Apps:
CrowdStrike Falcon Insights Delete – deletes associated IOC from CrowdStrike Falcon Insights
Deploy to CrowdStrike Falcon Insights – deploy an IOC to CrowdStrike Falcon Insights

Main Features and Benefits:

Sends indicators from ThreatConnect to CrowdStrike Falcon Insights for alerting
Instantly shows endpoint activity, both current and historic
Users have full control of which ThreatConnect indicators are sent to CrowdStrike Falcon Insights

This listing can be found in the ThreatConnect App Catalog under the name: CrowdStrike Falcon Insight.

Categories:

ThreatConnect

CrowdStrike Falcon Insights

Developers

Company

Related Resources

Categories:

ThreatConnect

CrowdStrike Falcon Insights

Related Apps

Cybereason

Endpoint Detection and Response

SentinelOne

Endpoint Detection and Response

CarbonBlack Playbook

Endpoint Detection and Response

Developers

Company