- 02 Apr 2025
CrowdStrike - Check Device Count for IOC
- Updated on 02 Apr 2025
Description
CrowdStrike's Check Device Count for IOC (Indicator of Compromise) automation allows organizations to quickly and easily identify and respond to potential security threats. This automation leverages the power of CrowdStrike's Falcon platform to detect and assess potential threats in real time, providing organizations with the ability to take immediate action to protect their networks and data. The automation uses the Falcon platform to analyze incoming data from a variety of sources, including endpoint devices, networks, and cloud applications. This data is then used to identify and assess potential threats, such as malicious files, malicious URLs, and suspicious user activity. The automation then provides an alert to the organization's security team, allowing them to take immediate action to prevent or mitigate the threat. Additionally, the automation can provide a count of devices that have been identified as having a potential IOC, allowing organizations to quickly and easily identify which devices are affected and take appropriate action. With this automation, organizations can quickly and easily identify and respond to potential security threats, helping to protect their networks and data.
Trigger Request
HTTP POST Request
Headers:

| Key | Value |
|---|---|
| Content-Type | application/json |

JSON body parameters:

| Parameters | Type | Description |
|---|---|---|
| access_token | string | Access token for the CrowdStrike API. Can be obtained by calling the CrowdStrike_Base_Token flow. |
| type | string | The type of the indicator; for example, sha256, ipv4, etc. |
| value | string | The value of the indicator. |
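
An added example, not part of the original page or CrowdStrike's own code: it checks that `value` fits the declared `type` and builds the POST request from the tables above without sending it. The trigger URL is a placeholder (the page does not give one), the function names are hypothetical, and only the two indicator types the page names are validated.

```python
import ipaddress
import json
import re
import urllib.request

# Placeholder: the page does not give the flow's trigger URL.
TRIGGER_URL = "https://cdc.example.invalid/trigger/check-device-count-for-ioc"

_SHA256 = re.compile(r"[0-9a-fA-F]{64}")


def normalize_indicator(ioc_type, value):
    """Return the cleaned value, or raise ValueError if it does not fit ioc_type."""
    value = value.strip()
    if ioc_type == "sha256":
        if not _SHA256.fullmatch(value):
            raise ValueError("sha256 must be exactly 64 hex characters")
        return value.lower()
    if ioc_type == "ipv4":
        # IPv4Address rejects CIDR ranges, hostnames and IPv6 literals.
        return str(ipaddress.IPv4Address(value))
    raise ValueError(f"type {ioc_type!r} is not validated by this example")


def build_trigger_request(access_token, ioc_type, value):
    """Build (without sending) the POST request described in the tables above."""
    if not access_token:
        raise ValueError("access_token is required")
    body = {
        "access_token": access_token,
        "type": ioc_type,
        "value": normalize_indicator(ioc_type, value),
    }
    return urllib.request.Request(
        TRIGGER_URL,
        data=json.dumps(body).encode("utf-8"),
        headers={"Content-Type": "application/json"},
        method="POST",
    )


def redacted_body(request):
    """Body as a dict that is safe to log: the access token is masked."""
    body = json.loads(request.data)
    body["access_token"] = "***"
    return body
```

Because `access_token` travels in the JSON body rather than in a header, log `redacted_body(request)` instead of the raw request data.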
Supported CDC Versions
- 2.8