From d65804b80373c208b05330fbc2c8e4d4e6e0ef80 Mon Sep 17 00:00:00 2001 From: Shreyash Naik Date: Tue, 30 Jun 2026 10:01:17 +0530 Subject: [PATCH 1/2] CSOAR-5038:CrowdStrike Falcon Intelligence Integration update --- .../crowdstrike-falcon-intelligence.md | 21 +++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) diff --git a/docs/platform-services/automation-service/app-central/integrations/crowdstrike-falcon-intelligence.md b/docs/platform-services/automation-service/app-central/integrations/crowdstrike-falcon-intelligence.md index bb21bcc693..16f15b1ed7 100644 --- a/docs/platform-services/automation-service/app-central/integrations/crowdstrike-falcon-intelligence.md +++ b/docs/platform-services/automation-service/app-central/integrations/crowdstrike-falcon-intelligence.md @@ -7,8 +7,8 @@ import useBaseUrl from '@docusaurus/useBaseUrl'; CrowdStrike Falcon Intelligence icon -***Version: 1.8 -Updated: March 31, 2026*** +***Version: 1.9 +Updated: June 30, 2026*** CrowdStrike® Falcon Intelligence™ is an automated threat intelligence service built on the CrowdStrike Falcon Platform. It automates incident investigations and streamlines breach response so you can make faster, more confident cyber security decisions. Organizations, regardless of size or sophistication, learn from the attacks in their environment applying that knowledge to proactively prevent future attacks. Falcon Intelligence provides insight into global threats, tracked by CrowdStrike’s elite team of intelligence experts. @@ -30,6 +30,22 @@ CrowdStrike® Falcon Intelligence™ is an automated threat intelligence service * **Submit File** (*Enrichment*) - Submit a file for sandbox analysis. The time required for analysis varies but is usually less than 15 minutes, by using the **Submission Status Polling** action. * **Submit URL** (*Enrichment*) - Submit a URL for sandbox analysis. The time required for analysis varies but is usually less than 15 minutes, by using the **Submission Status Polling** action. +## Sandbox Environments + +The following sandbox environments are available for file and URL analysis: + +| ID | Environment | Status | +|---|---|---| +| 430 | macOS Tahoe ARM | Current | +| 400 | macOS Catalina 10.15 | Deprecated → falls back to 430 | +| 330 | Linux Ubuntu 24, 64-bit | Current | +| 310 | Linux Ubuntu 20, 64-bit | Deprecated → falls back to 330 | +| 200 | Android (static analysis) | Current | +| 160 | Windows 10, 64-bit | Current | +| 140 | Windows 11, 64-bit | Current | +| 110 | Windows 7, 64-bit | Current | +| 100 | Windows 7, 32-bit | Current | + ## CrowdStrike Falcon Intelligence configuration Create API clients to grant various levels of API access for Falcon Intelligence. @@ -85,3 +101,4 @@ For information about CrowdStrike Falcon Intelligence, see [CrowdStrike document * June 30, 2023 (v1.5) - Updated the integration with Environmental Variables * March 4, 2024 (v1.7) - Updated code for compatibility with Python 3.12 * March 31, 2026 (v1.8) - Upgraded the `python3_generic` Docker image (Python 3.8) to `python3_12_generic` (Python 3.12) to address Python 3.8 end-of-life and improve security and performance. +* June 30, 2026 (v1.9) - Added sandbox environments section with current and deprecated environment details. From fc5940e5be1c9e72673020fb3490125563937263 Mon Sep 17 00:00:00 2001 From: Shreyash Naik Date: Tue, 30 Jun 2026 12:39:53 +0530 Subject: [PATCH 2/2] CSOAR-5038:comment resolved --- .../integrations/crowdstrike-falcon-intelligence.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/platform-services/automation-service/app-central/integrations/crowdstrike-falcon-intelligence.md b/docs/platform-services/automation-service/app-central/integrations/crowdstrike-falcon-intelligence.md index 16f15b1ed7..ab12a64b4d 100644 --- a/docs/platform-services/automation-service/app-central/integrations/crowdstrike-falcon-intelligence.md +++ b/docs/platform-services/automation-service/app-central/integrations/crowdstrike-falcon-intelligence.md @@ -41,8 +41,8 @@ The following sandbox environments are available for file and URL analysis: | 330 | Linux Ubuntu 24, 64-bit | Current | | 310 | Linux Ubuntu 20, 64-bit | Deprecated → falls back to 330 | | 200 | Android (static analysis) | Current | -| 160 | Windows 10, 64-bit | Current | | 140 | Windows 11, 64-bit | Current | +| 160 | Windows 10, 64-bit | Current | | 110 | Windows 7, 64-bit | Current | | 100 | Windows 7, 32-bit | Current | @@ -101,4 +101,4 @@ For information about CrowdStrike Falcon Intelligence, see [CrowdStrike document * June 30, 2023 (v1.5) - Updated the integration with Environmental Variables * March 4, 2024 (v1.7) - Updated code for compatibility with Python 3.12 * March 31, 2026 (v1.8) - Upgraded the `python3_generic` Docker image (Python 3.8) to `python3_12_generic` (Python 3.12) to address Python 3.8 end-of-life and improve security and performance. -* June 30, 2026 (v1.9) - Added sandbox environments section with current and deprecated environment details. +* June 30, 2026 (v1.9) - Updated the available sandbox environments to align with the latest platform support. Ubuntu 16.04 has been removed, Ubuntu 20 is now deprecated, and Ubuntu 24 has been added