Crowdstrike Falcon Intelligence
This document explains how to set up and use Crowdstrike Falcon Intelligence with TruSTAR Station.
CrowdStrike Falcon Intelligence provides security teams with complete analysis and insights into the TTPs of adversary groups — allowing security professionals to diagnose and respond to incidents now, while more efficiently planning for events in the future — and preventing damage from advanced malware and targeted attacks.
- Time to Install: 10 minutes
- Type of Feed: Query-based
- Update Frequency: Two hours
- Intel Type: Premium Feed
The integration pulls all observables supported by TruSTAR.
- Licensed user of Crowdstrike
- Access to Crowdstrike Falcon Intelligence.
- Crowdstrike API ID and API key for the reports API.
- Log into TruSTAR Station.
- Click the Marketplace icon on the left side icon list.
- Choose Closed Sources.
- Click Subscribe on the Crowdstrike Falcon Reports box.
- Enter your API key and click Save Credentials & Request Subscription.
TruSTAR will validate the integration within 48 hours and send an email when the integration has been enabled.