Customers get increased integration with Cloudflare Email Security and Zero Trust through expanded partnership with CrowdStrike
2024-09-11
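This post explains how Cloudflare's integrations with CrowdStrike Falcon® Next-Gen SIEM allow customers to identify and investigate risky user behavior and analyze data combined with other log sources to uncover hidden threats. ...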
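Name the connector and select "Save". You will receive two pieces of information: an API key and an API URL. Be sure to record the key, because it is displayed only once.
Next, in Cloudflare, create an HTTP Logpush job through the API and set the "destination_conf" field to the following format: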
"destination_conf": "<API URL>?header_Authorization=Bearer%20<API KEY>&tags=<ZONE>,dataset:<DATASET>"
Note:
<ZONE> is an optional field for account-level Logpush jobs.
<DATASET> follows dot-separated syntax, so http_requests becomes http.requests.
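Once the job is created and active, you will see events populating the "My connectors" section of the Falcon dashboard. With Cloudflare data in Falcon Next-Gen SIEM, you can search for events based on Cloudflare log events and create Falcon Fusion SOAR automation workflows and correlation rules.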
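The destination_conf format above carries the Falcon API key inside a URL, so it needs correct percent-encoding and should be masked wherever it is logged. The following Python sketch is an added example, not code from Cloudflare or CrowdStrike: the function names, the sample URL and key, and the job fields other than destination_conf (name, dataset, enabled, assumed from Cloudflare's Logpush API) are assumptions.

```python
import re
from urllib.parse import quote, urlsplit

_SAFE = re.compile(r"^[A-Za-z0-9._-]+$")  # keeps '&', ',' and ':' out of the tags list


def build_destination_conf(api_url, api_key, dataset, zone=None):
    """Assemble destination_conf in the format given in the post."""
    if urlsplit(api_url).scheme != "https":
        raise ValueError("API URL must be https: the bearer key travels with every push")
    if not _SAFE.match(dataset) or (zone is not None and not _SAFE.match(zone)):
        raise ValueError("zone/dataset contain characters that would break the tags list")
    tags = [zone] if zone else []  # <ZONE> is optional for account-level jobs
    tags.append("dataset:" + dataset.replace("_", "."))  # http_requests -> http.requests
    sep = "&" if "?" in api_url else "?"
    return (f"{api_url}{sep}header_Authorization=Bearer%20{quote(api_key, safe='')}"
            f"&tags={','.join(tags)}")


def build_job(name, api_url, api_key, dataset, zone=None):
    """JSON body for the Logpush job-creation call (fields other than
    destination_conf are assumed from Cloudflare's Logpush API)."""
    return {
        "name": name,
        "dataset": dataset,  # the job's own dataset field keeps the underscore form
        "destination_conf": build_destination_conf(api_url, api_key, dataset, zone),
        "enabled": True,
    }


def redact(destination_conf):
    """Mask the key before the value is logged or pasted into a ticket."""
    return re.sub(r"(header_Authorization=Bearer%20)[^&]*", r"\1<redacted>",
                  destination_conf)


if __name__ == "__main__":
    # Constructed sample values, not real credentials or endpoints.
    job = build_job("falcon-ngsiem-http", "https://ingest.example.invalid/hec",
                    "k3y/with+chars=", "http_requests", zone="example.com")
    print(redact(job["destination_conf"]))
```

Because the key is shown only once and then lives inside the job's destination_conf, store it in a secrets manager and pass only the redacted form to logs and tickets.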
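Shared telemetry between CrowdStrike and Cloudflare will further reduce the mean time to contain threats and improve an organization's ability to respond decisively to risk in its environment. Working together, the two platforms let organizations block suspicious activity and send high-fidelity alerts to security analysts for further investigation.
To learn more about these integrations, feel free to contact us and start a consultation. We can discuss your organization's existing environment to make sure you are fully prepared to improve detection of emerging threats and improve remediation.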