CrowdStrike

Block Type Response Integration

Usage

The CrowdStrike Block Type Response Integration automates blocking of malicious activity using CrowdStrike's threat intelligence and response capabilities. Whether it's stopping a known malware attack or preventing suspicious IP addresses from accessing sensitive resources, the integration provides a streamlined way to enforce security policies and respond to threats in real time.

Prerequisites

Before configuring the CrowdStrike block type response integration in Netography, you will need an API client set up in CrowdStrike.

Create an API Client

  1. Within your CrowdStrike portal, go to Support and resources, then select API clients and keys.

  2. Input a name and description for your Netography CrowdStrike Response integration. Ensure that Read and Write are checked for the Hosts API scope as shown below, and click ADD to create the API client.

  3. Once created, copy the CLIENT ID, SECRET, and BASE URL. These values will be used to configure the CrowdStrike response integration in Netography.

Netography Portal Steps

Navigate to Integrations (make sure you are on the Response tab), click "Add Integration", then select CrowdStrike.

Configuration

The following fields are specific to the CrowdStrike integration.

| Field | Type | Required | Description | Examples |
|---|---|---|---|---|
| API URL | string | yes | The CrowdStrike BASE_URL | |
| Factors | string | yes | Additional information regarding the integration | srcip |
| Expiration | integer | | Number of seconds the blocklist will remain active | |
| Max | integer | | Limit on number of blocks | 1000 |

Authentication

The following fields are necessary for the integration to authenticate with CrowdStrike.

| Field | Required | Description |
|---|---|---|
| Client ID | yes | The CrowdStrike CLIENT ID |
| Client Secret | yes | The CrowdStrike SECRET |