In this video, we will show how to go from a RiskIQ Threat Intelligence Article to CrowdStrike Falcon IOCs to generate new detections in CrowdStrike Falcon.
This video is a clip from the RiskIQ & CrowdStrike THW on 8-13-2020: https://youtu.be/wiKVfwLNATk
The PowerShell scripts were created by Brendan Kremian, Sr. Sales Engineer, Public Sector/Healthcare Pacific Northwest. https://github.com/bkremian/PSRiskIQ
The scripts were demonstrated during the RiskIQ Threat Hunting Workshop on Aug 13, 2020. https://youtu.be/wiKVfwLNATk
To Install PSRiskIQ https://youtu.be/prE3gkChxsU
How To Install PSFalcon https://youtu.be/fYimxCxkxh4
The scripts that take results from PT and copy them to Falcon can be found here: https://github.com/bkremian/Scripts Download, unzip, and place them in the root of your Documents folder.