CrowdStrike OAuth2

Configure Radiant Security to sync CrowdStrike data.

In this guide, you'll configure the integration between Radiant Security and CrowdStrike so that your alerts and data can be triaged and leveraged by Radiant's AI.

At the end of this configuration, you will provide Radiant Security with the following values:

  • Client ID

  • Secret

  • Base URL

Create the credentials in CrowdStrike Falcon

  1. Access CrowdStrike Falcon as Admin.

  2. Expand the side menu and click Support and resources.

  3. Under Resources and tools, click API clients and keys.

  4. Click Create API.

  5. Enter a Client Name to help identify the credential (e.g. Radiant_Security_CrowdStrike).

  6. Under Scope, select Alerts: Read, Alerts: Write, NGSIEM: Read, NGSIEM: Write, CSPM Registration - Read (this last one is needed if you want Radiant to handle CSPM alerts.)

  7. Click Create.

  8. Copy and store the Client ID, Secret, and Base URL values.

Add the data connectors in Radiant Security

  1. Log in to Radiant Security.

  2. From the navigation menu, click Settings > Data Connectors and click + Add Connector.

  3. Search for and select the CrowdStrike OAuth2 option from the list and then click Data Feeds.

  4. Select the data feeds you want to ingest and click Credentials.

  5. In case you had already created credentials, select them from the drop-down and continue. If you haven’t created credentials yet, create one by giving the credential an identifiable name (e.g. CrowdStrike OAuth2 Credentials). Then, paste the values (Base URL, Client ID, and Client Secret Key) that you copied from the Create the credentials in CrowdStrike Falcon section. Leave the Prefix field empty.

  6. Click Add Connector to save the changes.

PreviousGenerate CrowdStrike Falcon CSPM Read-Only CredentialsNextDarktrace Email

Last updated