A Python program to connect to the CrowdStrike QueryAPI, retrieve the latest detections and create an alert in TheHive Project

Primary language: Python. License: GNU Affero General Public License v3.0 (AGPL-3.0).

CrowdStrike2TH

TODO

  • Add option to only create alerts for medium, high or critical incidents.
  • Add option to only create alerts for intel incidents.
  • Add markdown parser to enrich observable descriptions.
  • Add log parser to generate debug logs.
  • Add option to create cases instead of alerts.