home Transform Hub data categories - Endpoint & Security Events

CrowdStrike ThreatGraph

By CrowdStrike Inc.
Interact with CrowdStrike Falcon data and investigate relationships between events.
CrowdStrike ThreatGraph integration in Maltego
Endpoint & Security Events Malware Threat Hunting Threat Intelligence

CrowdStrike ThreatGraph Transforms for Maltego

CrowdStrike provides a suite of five APIs to enable customers of the CrowdStrike Falcon platform to enhance their triage workflow and leverage their existing security investments.

The Falcon Threat Graph API is one of the five API’s offered by Crowdstrike that leverages CrowdStrike’s multi-petabyte graph database to reveal the underlying relationships between indicators of compromise (IOCs), devices, processes, and other forensic data and events, such as files written, module loads, or network connections.

With ThreatGraph Transforms, investigators can query the CrowdStrike ThreatGraph API to interact with CrowdStrike Falcon data and traverse the graph to investigate relationships between events.

Typical Users of This Data

  • Threat Intelligence Teams
  • Pen Testers

Contact


By clicking on "Send Message", you agree to the processing of the data you entered and you allow us to contact you for the purpose selected in the form. For further information, see our Data Privacy Policy.

About CrowdStrike

CrowdStrike offers endpoint protection and threat intelligence solutions that enables customers to prevent damage from targeted attacks, detect and attribute advanced malware, and search all endpoints. CrowdStrike serves customers worldwide.

Falcon is the CrowdStrike platform purpose-built to stop breaches via a unified set of cloud-delivered technologies that prevent all types of attacks — including malware and much more.

For more information, visit https://www.crowdstrike.com.

Pick the right product and get started.