Integrating with Crowdstrike
Introduction
Follow this article to integrate Blackpoint with CrowdStrike. We've broken down the integration into five steps:
- Create New API Client
- Verify Integration in Blackpoint Portal
Prerequisites
- You must have access to the CrowdStrike portal.
Instructions
Create New API Client
- Sign in to your CrowdStrike portal
Expand the menu navigation bar > Select Support and resources > API client and keys
Select Add new API client
- Enter Client name
- Set API Scope
- Detections – Read
- Hosts – Read
- Actors – Read
- Incidents – Read
- OverWatch Dashboard – Read
Real time response – Read
- Select Add
Copy the Base URL, Client ID, and Secret
Confirm the API client is added
Verify Integration in Blackpoint Portal
- Sign in to the Blackpoint add-ons portal
- Select CrowdStrike Integration from the navigation menu
Enter "Tenant Name", "Crowdstrike API URL", "Client ID", "Client Secret" > Connect
Check the customer's account in SNAP-Defense to confirm the integration is working. You should see the device list synchronize and list all devices running the CrowdStrike agent.
Setup Complete.