ciscosecurity/tr-05-crowdstrike
CrowdStrike Relay (Cisco Hosted)
POST /health
POST /observe/observables
POST /refer/observables
POST /respond/observables
POST /respond/trigger
file_name
file_path
hostname
md5
sha256
hostname
process_name
process_args
crowdstrike_id
domain
ip
ipv6
md5
sha256
Each response from the CrowdStrike API for the supported observables generates the following CTIM entities:
Sighting
Indicator
Relationship
docker pull ciscosecurity/tr-05-crowdstrike