Extension Builder tutorial Foundry app
In this tutorial, you will create a Foundry app that enriches Falcon detections with third-party data. The app uses VirusTotal to scan the IP address associated with a detection and displays the data on the Next-Gen SIEM endpoint detection details page of the Falcon console.
[!IMPORTANT]
To view this tutorial and import the app, you need access to the Falcon console.
This code is the result of completing the Falcon Foundry tutorial "Create a Detection Enrichment App with Foundry Extension Builder".
Prerequisites
- Falcon Insight XDR or Falcon Prevent (one app)
- Falcon Next-Gen SIEM or Falcon Foundry (1+ apps depending on entitlement)
Getting Started
- Download this repository as a zip file.
- Log in to the Falcon console and go to Foundry > App manager.
- Click Import app and select the zip file you downloaded.
- Click Import.
[!TIP]
If you get an error that the name already exists, change the name to something unique to your CID when importing the app.
Links
This example uses the following CrowdStrike products:
Help
Please post any questions as issues in this repo, ask for help in our CrowdStrike subreddit, or post your question to our Foundry Developer Community.
Support
The foundry-tutorial-extension-builder repo contains the code that results from completing the Foundry tutorial "Create a Detection Enrichment App with Foundry Extension Builder". While not a formal CrowdStrike product, foundry-tutorial-extension-builder is maintained by CrowdStrike and supported in partnership with the open source developer community.
License
MIT, see LICENSE.
