CrowdStrike Integration
The CyberCyte portal can integrate with CrowdStrike for further analysis and investigations. To integrate, please follow these steps:
Please navigate to "Settings & Reporting" -> "Integration Settings" -> "Credential Settings". Click on the "+ Credential" button to create a new credential. Select "CrowdStrike Credential" as the "Credential Type".
Please navigate to "Settings & Reporting" -> "Integration Settings" -> "Repository Management". Click on the "+Repository" button to create a new CrowdStrike repository, select "CrowdStrike" as the Type, and fill in the remaining fields as shown below.
Please navigate to "Rules & Policies" -> "Policy Management" and click on the "+ Policy" button. Select the module named "CrowdStrike Health Analysis" and the type named "CrowdStrike Health Analysis". After the selection, the required fields will appear. Fill them in with the required values; a demonstration is provided below:
The results can be observed under "Threat Hunting" -> "Analysis & Investigation" -> "Assets" -> "CrowdStrike Analysis".