CrowdStrike ThreatGraph
By CrowdStrike Inc.
Interact with CrowdStrike Falcon data and investigate relationships between events.

CrowdStrike ThreatGraph Transforms for Maltego
CrowdStrike provides a suite of five APIs to enable customers of the CrowdStrike Falcon platform to enhance their triage workflow and leverage their existing security investments.
The Falcon Threat Graph API is one of the five API’s offered by Crowdstrike that leverages CrowdStrike’s multi-petabyte graph database to reveal the underlying relationships between indicators of compromise (IOCs), devices, processes, and other forensic data and events, such as files written, module loads, or network connections.
With ThreatGraph Transforms, investigators can query the CrowdStrike ThreatGraph API to interact with CrowdStrike Falcon data and traverse the graph to investigate relationships between events.
Typical Users of This Data
- Threat Intelligence Teams
- Pen Testers
Pricing & Access
Community Hub
Available only with a Maltego commercial license.
Commercial Hub
Users with Maltego One have the following access or purchase options:
- Bring Your Own Key (Purchase Separately): For full solution access, plug in your existing API key or reach out to us using the form below for purchase inquiry.
About CrowdStrike
CrowdStrike offers endpoint protection and threat intelligence solutions that enables customers to prevent damage from targeted attacks, detect and attribute advanced malware, and search all endpoints. CrowdStrike serves customers worldwide.
Falcon is the CrowdStrike platform purpose-built to stop breaches via a unified set of cloud-delivered technologies that prevent all types of attacks — including malware and much more.
For more information, visit https://www.crowdstrike.com.
