Overview
PSFalcon is a PowerShell Module that helps CrowdStrike Falcon users interact with the CrowdStrike Falcon OAuth2 APIs without having extensive knowledge of APIs or PowerShell. PSFalcon helps you automate tasks and perform actions outside of the Falcon UI. For example, you could create scripts that:
- Modify large numbers of detections, incidents, policies or rules
- Utilize Real-time Response to perform an action on many devices at the same time
- Upload or download malware samples or Real-time Response files
- Create/modify configurations for MSSP parent and child environments
Requirements
- An active Falcon subscription for the appropriate modules
- PowerShell 5.1+ (Windows), PowerShell 6+ (Linux/MacOS)
- A Falcon OAuth2 API Client with appropriate roles