How to Ingest Indicators of Compromise (IOCs) and Integrate with Security Information and Event Management (SIEM) Solutions with CrowdStrike Falcon



CrowdStrike Falcon supports importing Indicators of Compromise (IOCs). You can do this manually in the user interface or programmatically via the Falcon IOC Import API. When you use the API, a search runs during the import: it scans your Threat Graph for any past hits on that IOC and starts monitoring for future instances of it on your endpoints. You can also search for IOCs manually in the Investigate and Events Apps. This demo also includes a walkthrough of how these events can be pushed to a SIEM. For illustration purposes, we use Soltra and HP ArcSight in this demo.

 
