# FalconFeeds Module

The FalconFeeds Module allows you to import the Threat Feed from FalconFeeds.io straight into your Liberty91 tenant. Those events are then enriched in the same way as any other event, meaning they will automatically be checked for relevance, scanned for threats, Indicators of Compromise (IOCs), MITRE ATT\&CK Techniques, assets and (importantly) suppliers.

You need to have at least the [FalconFeeds Business subscription](https://falconfeeds.io/pricing) to be able to use this module.&#x20;

To find your FalconFeeds API-key, click <https://dash.falconfeeds.io/profile/api>, or go to their portal, login, click to skip straight to the dashboard, then click on your profile avatar (it will be a circle with the first letter of your name). In your profile overview, click on 'API Access'.

<figure><img src="/files/4gpK6gDDQJYsTMrFtcCb" alt=""><figcaption></figcaption></figure>

Click on 'Generate New Key'. Name your key 'Liberty91' and set it to 'never expire'. The key will then appear in a pop-up window. You need to copy and paste this before clicking away, because it will not be shown again and you will have to regenerate a new key if you loose it.

Paste the key in the appropriate field in the [FalconFeeds Module in Liberty91](https://platform.liberty91.com/falconfeeds/1/update/), and new events should start pouring in immediately.

Turning on this module consumes between 1 and 10 API calls upon activation, and 496 API-calls per month after that.&#x20;

<figure><img src="/files/mVVSKWYSFzxYQEaRw94l" alt=""><figcaption></figcaption></figure>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.liberty91.com/modules/collection-modules/falconfeeds-module.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.