{
    "name": "crowd-strike-falcon",
    "description": "The CrowdStrike Falcon\u00ae platform is pioneering cloud-delivered endpoint protection. It both delivers and unifies IT Hygiene, next-generation antivirus, endpoint detection and response (EDR), managed threat hunting, and threat intelligence \u2014 all delivered via a single lightweight agent.",
    "version": "2.2.3",
    "buildNumber": 7616,
    "tags": null,
    "publishedDate": 1675938087,
    "lastUpdated": 1761036990,
    "type": "connector",
    "label": "CrowdStrike Falcon",
    "availableVersions": [
        "1.0.0",
        "1.1.0",
        "2.0.0",
        "2.0.1",
        "2.1.0",
        "2.2.0",
        "2.2.1",
        "2.2.2",
        "2.2.3",
        "2.3.0",
        "2.3.1",
        "2.4.0",
        "2.5.0",
        "3.0.0",
        "3.1.0"
    ],
    "scm": {
        "forks": 0,
        "watchers": 0,
        "stars": 0,
        "type": "private",
        "url": "https://gitlab-van.corp.fortinet.com/fortisoar/connectors-group/connector-crowd-strike-falcon"
    },
    "infoPath": "/content-hub/crowd-strike-falcon-2.2.3/7616",
    "publisher": "Fortinet",
    "certified": false,
    "category": "Endpoint Security",
    "iconLarge": "/content-hub/crowd-strike-falcon-2.2.3/7616/images/large.png",
    "operations": [
        {
            "description": "Creates an indicator on CrowdStrike Falcon based on the IOC type and value, policy, and other input parameters you have specified.",
            "title": "Create IOC",
            "operation": "upload_ioc",
            "visible": true
        },
        {
            "description": "Retrieves a list of all IOCs or specific IOCs based on the input parameters you have specified from CrowdStrike Falcon.",
            "title": "Get IOCs",
            "operation": "list_ioc",
            "visible": true
        },
        {
            "description": "Retrieves details of a specific IOC from CrowdStrike Falcon, based on the IOC type and value you have specified.",
            "title": "Get IOC Details",
            "operation": "get_ioc",
            "visible": true
        },
        {
            "description": "Updates an indicator on CrowdStrike Falcon, based on the IOC type and value and other input parameters you have specified.",
            "title": "Update IOC",
            "operation": "update_ioc",
            "visible": true
        },
        {
            "description": "Deletes an indicator on CrowdStrike Falcon, based on the IOC type and value you have specified.",
            "title": "Delete IOC",
            "operation": "delete_ioc",
            "visible": true
        },
        {
            "description": "Hunts a file on CrowdStrike Falcon using the filehash type and value you have specified.",
            "title": "Hunt File",
            "operation": "hunt_file",
            "visible": true
        },
        {
            "description": "Hunts a domain on CrowdStrike Falcon using the domain value you have specified. This operation retrieves a list of device IDs from CrowdStrike Falcon on which the domain was observed.",
            "title": "Hunt Domain",
            "operation": "hunt_domain",
            "visible": true
        },
        {
            "description": "Retrieves a list of processes from CrowdStrike Falcon that are associated with the specified IOC on a given device, based on the IOC type and value, device ID, and other input parameters you have specified.",
            "title": "Get Processes Related to IOC",
            "operation": "get_list_of_processes",
            "visible": true
        },
        {
            "description": "Retrieves details of a specific process from CrowdStrike Falcon, based on the process ID you have specified.",
            "title": "Get Process Details",
            "operation": "process_details",
            "visible": true
        },
        {
            "description": "Retrieves details of a specific device from CrowdStrike Falcon, based on the device ID you have specified.",
            "title": "Get Device Details",
            "operation": "device_details",
            "visible": true
        },
        {
            "description": "Retrieves a list of all the endpoints or specific endpoints based on the input parameters you have specified configured on a device on CrowdStrike Falcon.",
            "title": "Get Endpoint List",
            "operation": "list_endpoint",
            "visible": true
        },
        {
            "description": "Prevents a potentially compromised host from communicating across the network that contains the host based on the device ID you have specified.",
            "title": "Contain the Host",
            "operation": "quarantine_device",
            "visible": true
        },
        {
            "description": "Removes the containment on a host that has been contained and returns its network communications to normal based on the device IDs you have specified.",
            "title": "Remove Containment",
            "operation": "remove_containment",
            "visible": true
        },
        {
            "description": "Retrieves details of a specific detection from CrowdStrike Falcon, based on the detection IDs you have specified.",
            "title": "Get Detection Details",
            "operation": "get_detection_details",
            "visible": true
        },
        {
            "description": "Retrieves a list of all detection IDs or specific detection IDs based on the input parameters you have specified configured on a device on CrowdStrike Falcon.",
            "title": "Detection Search",
            "operation": "detection_search",
            "visible": true
        },
        {
            "description": "Retrieves a count of detections by a query from CrowdStrike Falcon based on the aggregate query name and type, the field used to compute the aggregation and other input parameters you have specified.",
            "title": "Detection Aggregates",
            "operation": "detection_aggregates",
            "visible": true
        },
        {
            "description": "Updates specific detections in CrowdStrike Falcon, based on the detection IDs and other input parameters you have specified. ",
            "title": "Update Detection",
            "operation": "update_detection",
            "visible": true
        },
        {
            "description": "Searches for incidents in CrowdStrike Falcon based on the FQL filter, sorting, and pagination details you have specified.",
            "title": "Search Incidents",
            "operation": "incidents_query",
            "visible": true
        },
        {
            "description": "Retrieves details for incidents from CrowdStrike Falcon based on the incident IDs you have specified.",
            "title": "Get Incident Details",
            "operation": "incidents_get_details",
            "visible": true
        },
        {
            "description": "Returns entity (incident) data by querying the complete CrowdStrike Score environment based on the timestamp and CrowdStrike you have specified.",
            "title": "Get Incidents Crowdstrike Score",
            "operation": "incidents_get_crowdscores",
            "visible": true
        },
        {
            "description": "Updates specific incidents in CrowdStrike Falcon, based on the incident IDs and status you have specified.",
            "title": "Update Incidents Status",
            "operation": "update_incidents",
            "visible": true
        },
        {
            "description": "Retrieves the user ID from CrowdStrike Falcon based on the username you have specified.",
            "title": "Get User ID",
            "operation": "get_uid",
            "visible": true
        },
        {
            "description": "Retrieves the details of a specific user from CrowdStrike Falcon based on the user ID you have specified.",
            "title": "Get User Details",
            "operation": "get_user_details",
            "visible": true
        },
        {
            "description": "Retrieves a list of usernames (usually an email address) for all users in your customer account from\u202fCrowdStrike Falcon. ",
            "title": "Get Usernames List",
            "operation": "list_usernames",
            "visible": true
        },
        {
            "description": "Retrieves a list of all user IDs in your customer account from\u202fCrowdStrike Falcon. ",
            "title": "Get User IDs List",
            "operation": "list_user_id",
            "visible": true
        },
        {
            "description": "Executes admin commands on a specific device in CrowdStrike Falcon based on the device ID, commands, and optionally command parameters you have specified.",
            "title": "Run Admin Command",
            "operation": "admin_cmd_run",
            "visible": true
        },
        {
            "description": "Retrieves the result of the status of the admin command executed on a specific device from CrowdStrike Falcon Real-Time Response (RTR) based on the cloud request ID and sequence ID you have specified.",
            "title": "Get Admin Command Result",
            "operation": "admin_cmd_result",
            "visible": true
        },
        {
            "description": "Retrieves the list of session files available for download using\u202fCrowdStrike Falcon RTR based\u202fon the device ID you have specified.",
            "title": "Download Session File List",
            "operation": "session_file_list",
            "visible": true
        },
        {
            "description": "Downloads a specific session file\u202fusing\u202fCrowdStrike Falcon RTR based\u202fon the device ID, the file's SHA256 values, and other input parameters you have specified. ",
            "title": "Download Session File",
            "operation": "session_file_download",
            "visible": true
        },
        {
            "description": "Retrieves a list of PowerShell scripts available for the \"runscript\" command from CrowdStrike Falcon. These scripts can then be run on devices using CrowdStrike Falcon RTR. ",
            "title": "Get Scripts List",
            "operation": "scripts_list",
            "visible": true
        },
        {
            "description": "Retrieves the PowerShell scripts available for the \"runscript\" command from CrowdStrike Falcon based on the script ID you have specified.\u202fThese scripts can then be run on devices using CrowdStrike Falcon RTR. ",
            "title": "Get Scripts Details by IDs",
            "operation": "scripts_get",
            "visible": true
        },
        {
            "description": "Retrieves a list of executables available for the \"runscript\" command from CrowdStrike Falcon. These executables can then be run on devices using CrowdStrike Falcon RTR.",
            "title": "Get Executable List",
            "operation": "put_files_list",
            "visible": true
        },
        {
            "description": "Retrieves the executables available for the \"runscript\" command from CrowdStrike Falcon based on the executable file ID you have specified.\u202fThese executables can then be run on devices using CrowdStrike Falcon RTR.",
            "title": "Get Executables Details by IDs",
            "operation": "put_files_get",
            "visible": true
        }
    ],
    "help": "https://docs.fortinet.com/document/fortisoar/2.2.3/crowdstrike-falcon/503/crowdstrike-falcon-v2-2-3",
    "dependentSolutionPacks": [],
    "releaseNotes": "available"
}