Data

Tools

Indexes

Applications

Experiments

Open Source Science

https://github.com/crowdstrike/foundry-tutorial-extension-builder

In this tutorial, you will create a Foundry app that enriches Falcon detections with third-party data. The app uses VirusTotal to scan the IP address associated with a detection and displays the data on the Next-Gen SIEM endpoint detection details page of the Falcon console.

https://github.com/crowdstrike/foundry-tutorial-extension-builder

Science Score: 26.0%

This score indicates how likely this project is to be science-related based on various indicators:

  • CITATION.cff file
  • codemeta.json file
    Found codemeta.json file
  • .zenodo.json file
    Found .zenodo.json file
  • DOI references
  • Academic publication links
  • Committers with academic emails
  • Institutional organization owner
  • JOSS paper metadata
  • Scientific vocabulary similarity
    Low similarity (9.6%) to scientific vocabulary

Keywords

api-integration falcon-foundry ui-extension
Last synced: 5 months ago · JSON representation

Repository

In this tutorial, you will create a Foundry app that enriches Falcon detections with third-party data. The app uses VirusTotal to scan the IP address associated with a detection and displays the data on the Next-Gen SIEM endpoint detection details page of the Falcon console.

Basic Info
Statistics
  • Stars: 0
  • Watchers: 5
  • Forks: 0
  • Open Issues: 0
  • Releases: 0
Topics
api-integration falcon-foundry ui-extension
Created 10 months ago · Last pushed 9 months ago
Metadata Files
Readme License Code of conduct Security

README.md

CrowdStrike CrowdStrike

CrowdStrike Subreddit

Extension Builder tutorial Foundry app

[!IMPORTANT]
To view this tutorial and import the app, you need access to the Falcon console.

This code is the result of doing the Falcon Foundry Create a Detection Enrichment App with Foundry Extension Builder tutorial.

Prerequisites

  • Falcon Insight XDR or Falcon Prevent (one app)
  • Falcon Next-Gen SIEM or Falcon Foundry (1+ apps depending on entitlement)

Getting Started

  1. Download this repository as a zip file.
  2. Log in to the Falcon console and go to Foundry > App manager.
  3. Click Import app and select the zip file you downloaded.
  4. Click Import.

[!TIP] If you get an error that the name already exists, change the name to something unique to your CID when importing the app.

Links

This example uses the following CrowdStrike products:

Help

Please post any questions as issues in this repo, ask for help in our CrowdStrike subreddit, or post your question to our Foundry Developer Community.

Support

The foundry-tutorial-extension-builder repo is the resulting code from doing the Foundry Create a Detection Enrichment App with Foundry Extension Builder tutorial. While not a formal CrowdStrike product, foundry-tutorial-extension-builder is maintained by CrowdStrike and supported in partnership with the open source developer community.

License

MIT, see LICENSE.

Owner

  • Name: CrowdStrike
  • Login: CrowdStrike
  • Kind: organization
  • Email: github@crowdstrike.com
  • Location: United States of America

GitHub Events

Total
  • Delete event: 1
  • Push event: 1
  • Public event: 1
  • Pull request review event: 1
  • Pull request event: 1
  • Create event: 1
Last Year
  • Delete event: 1
  • Push event: 1
  • Public event: 1
  • Pull request review event: 1
  • Pull request event: 1
  • Create event: 1

Committers

Last synced: 9 months ago

All Time
  • Total Commits: 4
  • Total Committers: 1
  • Avg Commits per committer: 4.0
  • Development Distribution Score (DDS): 0.0
Past Year
  • Commits: 4
  • Committers: 1
  • Avg Commits per committer: 4.0
  • Development Distribution Score (DDS): 0.0
Top Committers
Name Email Commits
Matt Raible m****e@c****m 4
Committer Domains (Top 20 + Academic)
crowdstrike.com: 1

Issues and Pull Requests

Last synced: 9 months ago

All Time
  • Total issues: 1
  • Total pull requests: 2
  • Average time to close issues: 7 days
  • Average time to close pull requests: 6 days
  • Total issue authors: 1
  • Total pull request authors: 1
  • Average comments per issue: 2.0
  • Average comments per pull request: 0.0
  • Merged pull requests: 2
  • Bot issues: 0
  • Bot pull requests: 0
Past Year
  • Issues: 1
  • Pull requests: 2
  • Average time to close issues: 7 days
  • Average time to close pull requests: 6 days
  • Issue authors: 1
  • Pull request authors: 1
  • Average comments per issue: 2.0
  • Average comments per pull request: 0.0
  • Merged pull requests: 2
  • Bot issues: 0
  • Bot pull requests: 0
View more stats
Top Authors
Issue Authors
  • mraible (1)
Pull Request Authors
  • mraible (3)
Top Labels
Issue Labels
Pull Request Labels