Overview
Table name: crowdstrike_idp
CrowdStrike's identity-based alerts are part of its advanced threat detection capabilities, focusing on identifying security threats that specifically target or involve user identities and credentials. These alerts play a critical role in an organization's security posture by helping to prevent unauthorized access, insider threats, and identity-related attacks. With the increasing sophistication of cyber threats, particularly those involving credential theft, social engineering, and lateral movement within networks, identity-based security solutions have become essential.
Send data to Hunters
⚠️ Attention
The process below requires you to select the CrowdStrike API tile (and not CrowdStrike).

Step 1: Create an API client
Create a CrowdStrike API client with the Alerts: Read scope and permissions (as specified here).
Step 2: Create a data source on Hunters
Complete the setup on the Hunters platform by following this process, and supply these keys:
- Client ID
- Client Secret
- Cloud Endpoint - This should contain only the domain name, without the https:// prefix. For example: api.crowdstrike.com.
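Before entering the three keys, they can be checked locally. The script below is an added example, not part of the Hunters or CrowdStrike documentation: it reduces a pasted Cloud Endpoint to the bare domain form required above and requests an OAuth2 token from that host's /oauth2/token endpoint to confirm the Client ID and Client Secret are accepted. The function names, the CS_CLIENT_ID and CS_CLIENT_SECRET variable names, and the assumption that the secret needs no URL-encoding are this example's own.

```shell
#!/bin/sh
# Added example: pre-flight check for the values supplied to the Hunters data source.
# Function and variable names are hypothetical, chosen for this example.

# Reduce a pasted Cloud Endpoint to a bare domain name; return 1 if it is not one.
normalize_endpoint() {
  # Strip whitespace picked up by copy/paste and lowercase the value.
  ep=$(printf '%s' "$1" | tr -d '[:space:]' | tr '[:upper:]' '[:lower:]')
  ep=${ep#*://}   # drop a scheme such as https://
  ep=${ep%%/*}    # drop a trailing slash or path
  # Accept only dot-separated hostname labels: no port, userinfo or query string.
  if printf '%s\n' "$ep" |
     grep -Eq '^[a-z0-9]([a-z0-9-]*[a-z0-9])?(\.[a-z0-9]([a-z0-9-]*[a-z0-9])?)+$'; then
    printf '%s\n' "$ep"
  else
    return 1
  fi
}

# Request an OAuth2 token and print the HTTP status code.
# The form body goes to curl on stdin, so the secret never appears in the
# process list or in shell history as a curl argument.
token_status() {
  host=$(normalize_endpoint "$1") || { echo "invalid Cloud Endpoint: $1" >&2; return 2; }
  printf 'client_id=%s&client_secret=%s' "$2" "$3" |
    curl -sS -o /dev/null -w '%{http_code}\n' --data @- "https://${host}/oauth2/token"
}

# Usage: CS_CLIENT_ID=... CS_CLIENT_SECRET=... sh preflight.sh api.crowdstrike.com
# Runs only when an endpoint argument and the client ID are provided.
if [ -n "${CS_CLIENT_ID:-}" ] && [ "$#" -ge 1 ]; then
  token_status "$1" "$CS_CLIENT_ID" "${CS_CLIENT_SECRET:-}"
fi
```

A 2xx status means the Client ID and Client Secret were accepted at that endpoint. It does not confirm that the client carries the Alerts: Read scope, which still has to be checked on the API client itself.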