Integrating with Crowdstrike
Introduction
Follow this article to integrate Blackpoint with Crowdstrike. We've broken down the integration into five steps:
- Create a new API client
- Name the API client and set the API scope
- Copy the Base URL, Client ID, and Secret
- Add the Crowdstrike integration in the Blackpoint Portal
- Verifying your integration in SNAP-Defense
Prerequisites
You must have access to the Crowdstrike portal.
Instructions
- Sign-in to your Crowdstrike portal
- Expand the menu navigation bar > Select Support and resources > API client and keys
- Select Add new API client
Enter Client name
- Set API Scope
- Detections – Read
- Hosts – Read
- Actors – Read
- Incidents – Read
- OverWatch Dashboard – Read
- Real time response – Read
- Select Add
- Copy the Base URL, Client ID, and Secret
- Confirm the API client is added
- Sign-in to the Blackpoint add-ons portal
- Select Crowdstrike Integration from the navigation menu
- Enter "Tenant Name", "Crowdstrike API URL", "Client ID", "Client Secret" > Connect
- Check the customer's account in SNAP-Defense to confirm the integration is working. You should see the device list synchronize and list all devices running the Crowdstrike agent.
Setup Complete.