CrowdStrike ThreatGraph
By CrowdStrike Inc.

CrowdStrike ThreatGraph Transforms for Maltego
CrowdStrike provides a suite of five APIs to enable customers of the CrowdStrike Falcon platform to enhance their triage workflow and leverage their existing security investments.
The Falcon Threat Graph API, one of the five APIs offered by CrowdStrike, leverages CrowdStrike’s multi-petabyte graph database to reveal the underlying relationships between indicators of compromise (IOCs), devices, processes, and other forensic data and events, such as files written, module loads, or network connections.
With ThreatGraph Transforms, investigators can query the CrowdStrike ThreatGraph API to interact with CrowdStrike Falcon data and traverse the graph to investigate relationships between events.
Typical Users of This Data
- Threat Intelligence Teams
- Pen Testers
Pricing & Access
Pricing Tier: Paid
Transform Hub Type: Commercial Hub
Requirements: For full solution access, a Maltego One, Classic or XL license and a CrowdStrike Falcon Prevent/Falcon Insight subscription
Access: For sales inquiry or to purchase an API key, kindly reach out to Maltego using the form below.
Contact
Reach out to us to learn more about this data integration and how to access it.
About CrowdStrike
CrowdStrike offers endpoint protection and threat intelligence solutions that enable customers to prevent damage from targeted attacks, detect and attribute advanced malware, and search all endpoints. CrowdStrike serves customers worldwide.
Falcon is the CrowdStrike platform purpose-built to stop breaches via a unified set of cloud-delivered technologies that prevent all types of attacks — including malware and much more.
For more information, visit https://www.crowdstrike.com
