The CrowdStrike Falcon Plugin provides the functionality to manage hosts, perform sandbox analysis, retrieve sandbox artifacts, and retrieve information on IoCs.
The Security Flow CrowdStrike Falcon Plugin exposes the ability to
- retrieve host IDs and host details
- delete (hide) and restore (un-hide) hosts
- contain and lift containment on hosts
- perform sandboxing analysis on files and URLs
- retrieve sandboxing analysis artifact files
- retrieve information on Indicators of Compromise (IoCs)
Instance Configuration Parameters
This node exposes CrowdStrike Falcon Host capabilities.
This node exposes CrowdStrike Falcon Sandboxing capabilities.
CrowdStrike Falcon Threat Intelligence node to gather information about the supplied Indicators of Compromise (IoCs).