crowdstrike/fltr-firewall-adversaries

Vendor: CrowdStrike Holdings, Inc.
Author: CrowdStrike
Version: 0.1.0
Minimum LogScale Version: 1.82.0

Component types: Parsers, Dashboards, Alerts, Actions, Scheduled Searches

The CrowdStrike FLTR Firewall Adversaries integration package uses CrowdStrike's threat intelligence to enhance the FLTR (Falcon Long-Term Repository) firewall capabilities with adversary-focused protections. It helps security teams identify firewall rules that need updating based on known adversary tactics and indicators, making it easier to proactively block malicious network connections.

This integration enables security teams to implement threat-actor-specific network defenses that complement endpoint protection, creating a more comprehensive security posture. By focusing on adversary techniques rather than just indicators, it provides more resilient and contextual network security controls.