Asset Ingestion (NS1 and CrowdStrike) Asset Ingestion (NS1 and CrowdStrike)

Asset Ingestion (NS1 and CrowdStrike)

Chariot can integrate with several third-party platforms to ingest additional assets into its attack surface database and risk detection pipeline.

CrowdStrike

Clicking on the CrowdStrike integration card will bring up the following menu:

Chariot requires a Falcon API client to read assets managed by CrowdStrike. Please create a new API client with full Read permissions, following CrowdStrike's documentation.

Once you have created a new API client, provide the client's ID and secret in the menu above, along with your Falcon API base URL. Click Add to complete the integration.

Chariot will now regularly ingest assets from CrowdStrike for additional coverage.

NS1 Connect

Chariot can enumerate the DNS zones hosted in an NS1 account. First, sign into your NS1 account at https://my.nsone.net/. Then, click on your profile icon in the upper right-hand corner and select Users & teams:

 

From here, click API Keys and then Add Key:

You may name the key anything you like:

Chariot only needs two permissions: DNS Permissions > View zones and DNS Permissions > Allow by default. All other API key permissions can be disabled.

Once you have selected these two permissions, click Save API key:

On the Users & teams page, click the "i" icon next to your new API key to reveal the key cleartext. Copy this value to your clipboard:

Back in Chariot, click on the NS1 integration card and paste your API key into the menu:

Once integrated, Chariot will regularly check your NS1 deployment for new DNS zones.

If you have configured your NS1 deployment to use IP whitelisting, please reach out to the Chariot team to get a list of our IP addresses.