CrowdStrike Falcon Insights
The integration between CrowdStrike Falcon Insights and ThreatConnect allows users to discover and investigate both current and historic endpoint activity within seconds of ThreatConnect sending an indicator to CrowdStrike Falcon Insights. With this integration you can:
- Provides ThreatConnect users the ability to send all indicators, including third-party IOCs to CrowdStrike Falcon Insights for alerting.
- Allows indicator filtering, giving users full control of which ThreatConnect indicators are sent to CrowdStrike.
- Ensures users are working with the most relevant data for their organization.
- Grants full visibility into current and historic endpoint activity, so you can identify exactly which endpoints are vulnerable to specific indicators.
- Allows users to take the following automated actions with these Playbook Apps:
- CrowdStrike Falcon Insights Delete – deletes associated IOC from CrowdStrike Falcon Insights
- Deploy to CrowdStrike Falcon Insights – deploy an IOC to CrowdStrike Falcon Insights
Main Features and Benefits:
- Sends indicators from ThreatConnect to CrowdStrike Falcon Insights for alerting
- Instantly shows endpoint activity, both current and historic
- Users have full control of which ThreatConnect indicators are sent to CrowdStrike Falcon Insights
This listing can be found in the ThreatConnect App Catalog under the name: CrowdStrike Falcon Insight.