In this tutorial, you will create a Foundry app that enriches Falcon detections with third-party data. The app uses VirusTotal to scan the IP address associated with a detection and displays the data on the Next-Gen SIEM endpoint detection details page of the Falcon console. - View it on GitHub