Skip to main content

CrowdStrike Falcon Sandbox

crowdstrike-falcon-sandbox

Version: 1.3
Updated: Jul 14, 2023

Malware Analysis Tool providing threat intelligence.

Actions

  • Submit File (Enrichment) - Submit a file for analysis.
  • Submit URL (Enrichment) - Submit a website's URL or URL with a file for analysis.
  • Submission Status Polling (Enrichment) - Return the state of submission, this action will polling until the File/URL analyzation are finished, Once this action completed, we will be able to Download Report or Get Summary of Submission.
  • Download Report (Enrichment) - Download a report (Full CSOAR only).
  • Search Into Database (Enrichment) - Search the database using the search terms like tag, host, domain, URL, filename; this similar to Advanced Search.
  • Get Submission Summary (Enrichment) - Return summary of a submission.
  • Get Hash Summary (Enrichment) - Summary for given hash.
  • Download Sample (Enrichment) - Download sample file (Full CSOAR only).
  • List Feed (Enrichment) - Access a JSON feed (summary information) of last 250 reports from 24h.
  • Get Hash Analysis Overview (Enrichment) - Return overview for the hash related information [report, parent, children, scanners].
  • List Environments (Enrichment) - List system environments.

Configure CrowdStrike Falcon Sandbox in Automation Service and Cloud SOAR

Before you can use the integration, you must configure it so that the vendor can communicate with Sumo Logic. For general guidance, see Configure Authentication for Integrations.

  1. Access App Central and install the integration.
  2. Select the installed integration in the Integrations page.
    Classic UI. In the main Sumo Logic menu, select Automation and then select Integrations in the left nav bar.
    New UI. In the main Sumo Logic menu, select Automation > Integrations. You can also click the Go To... menu at the top of the screen and select Integrations.
  3. Select the integration.
  4. Hover over the resource name and click the Edit button that appears.
    Edit a resource
  5. In the Add Resource dialog, enter the authentication needed by the resource. When done, click TEST to test the configuration, and click SAVE to save the configuration.

For information about CrowdStrike Falcon Sandbox, see CrowdStrike documentation.

Change Log

  • October 26, 2020 - First upload
  • March 21, 2023 (v1.1) - Logo updated
  • June 27, 2023 (v1.2) - Updated the integration with Environmental Variables
  • July 14, 2023 (v1.3) - Changed fields visibility
Status
Legal
Privacy Statement
Terms of Use

Copyright © 2025 by Sumo Logic, Inc.