CrowdStrike OAuth API Dynamic Analysis
Description
Accepts url link, domain or vault_id (hash) to be detonated using CrowdStrike OAuth API connector. This playbook produces a normalized output for each user and device.
- Type: Investigation
- Product: Splunk SOAR
- Apps: CrowdStrike OAuth API
- Last Updated: 2023-03-23
- Author: Teoderick Contreras, Splunk
- ID: 5299d9dc-e9d5-41fb-b051-92ace0ff816d
Associated Detections
How To Implement
This input playbook requires the Crowdstrike OAuth API connector to be configured. It is designed to work in conjunction with the Dynamic Attribute Lookup playbook or other playbooks in the same style.
Explore Playbook
Required field
Reference
source | version: 1