Awesome

CrowdStrike2TH

A Python program to connect to the CrowdStrike QueryAPI, retrieve the latest detections and create an alert in TheHive

TODO

• Add option to only create alerts for medium, high or critical incidents.
• Add option to only create alerts for intel incidents.
• Add markdown parser to enrich observable descriptions.
• Add log parser to generate debug logs.
• Add option to create cases instead of alerts.