
[FR] Enhance Crowdstrike Falcon integration with TheHive #1296

Closed
nusantara-self opened this issue Nov 25, 2024 · 0 comments

Feature description
Introduce new analyzers and responders to integrate CrowdStrike Falcon capabilities into TheHive, enhancing analysis, providing contextual information as well as response actions from within TheHive.

Describe the solution you'd like

  1. New Analyzers:

    • CrowdstrikeFalcon Sandbox:
      • Submits file observables to the CrowdStrike Falcon Sandbox for analysis.
      • Retrieves results once the analysis is complete.
    • CrowdstrikeFalcon getDeviceAlerts:
      • Retrieves alerts associated with a specific hostname over a defined time range.
    • CrowdstrikeFalcon getDeviceDetails:
      • Fetches detailed information for a given hostname in CrowdStrike Falcon, including whether the agent is in fully functional mode.
    • CrowdstrikeFalcon getDeviceVulnerabilities:
      • Retrieves the list of vulnerabilities impacting a specific device.
  2. New Responders:

    • CrowdstrikeFalcon IOC:
      • Adds or removes Indicators of Compromise (IoCs) in the CrowdStrike Falcon platform.
      • Supports hashes, IPs, URLs & domains.
    • CrowdstrikeFalcon Hosts:
      • Contain hosts
      • Lift containment
      • Suppress detection, hide host, etc.
    • CrowdstrikeFalcon Sync:
      • Synchronizes the status of alerts and incidents between TheHive (alert or case stages) and CrowdStrike

Additional Context
These analyzers/responders will all leverage falconpy.
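Added example (not code from this issue or from the Cortex-Analyzers project): a sketch of the core logic of the proposed "CrowdstrikeFalcon getDeviceDetails" analyzer. It resolves a hostname observable to device ids, fetches the device records, and turns them into Cortex short-report taxonomies, flagging agents that are not in fully functional mode. Assumptions: the falconpy `Hosts` service class method names `query_devices_by_filter(filter=...)` and `get_device_details(ids=[...])`, the falconpy reply shape (`status_code` plus a `body` holding `resources` and `errors`), and the device field `reduced_functionality_mode` with values "yes"/"no". A constructed `FakeHosts` stand-in returns canned replies so the block runs offline; in a real analyzer it would be replaced by `falconpy.Hosts(client_id=..., client_secret=...)`.

```python
"""Sketch of a TheHive/Cortex 'getDeviceDetails' analyzer core on top of a
falconpy-style Hosts client. Method names, reply shape and the
reduced_functionality_mode field are assumptions (see lead-in)."""

NAMESPACE = "CrowdstrikeFalcon"  # taxonomy namespace shown in TheHive


def hostname_filter(hostname: str) -> str:
    """Build the FQL filter for Hosts.query_devices_by_filter.
    Quotes and backslashes are stripped so an observable value taken from a
    case cannot change the structure of the filter expression."""
    safe = hostname.replace("'", "").replace("\\", "")
    return "hostname:'{}'".format(safe)


def extract_resources(reply: dict) -> list:
    """Return body.resources from a falconpy-shaped reply; raise on a non-2xx
    status so the analyzer reports an error instead of an empty result."""
    status = reply.get("status_code", 0)
    body = reply.get("body") or {}
    if status // 100 != 2:
        raise RuntimeError("Falcon API error %s: %s" % (status, body.get("errors") or []))
    return body.get("resources") or []


def device_summary(device: dict) -> dict:
    """Reduce one device record to the fields the analyzer reports.
    rfm is True when the sensor is in reduced functionality mode (assumed field)."""
    return {
        "device_id": device.get("device_id"),
        "hostname": device.get("hostname"),
        "status": device.get("status"),  # e.g. normal / contained
        "agent_version": device.get("agent_version"),
        "last_seen": device.get("last_seen"),
        "rfm": device.get("reduced_functionality_mode") == "yes",
    }


def taxonomies(summary: dict) -> list:
    """Cortex short-report taxonomies: level / namespace / predicate / value."""
    out = []
    if summary["rfm"]:
        out.append({"level": "suspicious", "namespace": NAMESPACE,
                    "predicate": "AgentMode", "value": "reduced functionality"})
    else:
        out.append({"level": "info", "namespace": NAMESPACE,
                    "predicate": "AgentMode", "value": "fully functional"})
    level = "info" if summary["status"] == "normal" else "suspicious"
    out.append({"level": level, "namespace": NAMESPACE,
                "predicate": "Status", "value": str(summary["status"])})
    return out


def get_device_details(hosts, hostname: str) -> dict:
    """Analyzer core: hostname -> device ids -> device details -> report.
    `hosts` must expose query_devices_by_filter(filter=...) and
    get_device_details(ids=[...]) (assumed falconpy Hosts method names)."""
    ids = extract_resources(hosts.query_devices_by_filter(filter=hostname_filter(hostname)))
    if not ids:
        return {"found": False, "hostname": hostname, "devices": [], "taxonomies": [
            {"level": "info", "namespace": NAMESPACE, "predicate": "Device", "value": "not found"}]}
    devices = [device_summary(d) for d in extract_resources(hosts.get_device_details(ids=ids))]
    tax = []
    for d in devices:
        tax.extend(taxonomies(d))
    return {"found": True, "hostname": hostname, "devices": devices, "taxonomies": tax}


class FakeHosts:
    """Constructed stand-in for falconpy.Hosts returning canned, falconpy-shaped replies
    (sample device records are made up for this example)."""
    _DEVICES = {
        "aaa111": {"device_id": "aaa111", "hostname": "WS-FINANCE-07", "status": "contained",
                   "agent_version": "7.00.0000", "last_seen": "2024-11-25T08:00:00Z",
                   "reduced_functionality_mode": "no"},
        "bbb222": {"device_id": "bbb222", "hostname": "SRV-BUILD-01", "status": "normal",
                   "agent_version": "7.00.0000", "last_seen": "2024-11-24T23:10:00Z",
                   "reduced_functionality_mode": "yes"},
    }

    @staticmethod
    def _ok(resources):
        return {"status_code": 200, "headers": {},
                "body": {"meta": {}, "resources": resources, "errors": []}}

    def query_devices_by_filter(self, filter: str):
        ids = [i for i, d in self._DEVICES.items() if filter == hostname_filter(d["hostname"])]
        return self._ok(ids)

    def get_device_details(self, ids):
        return self._ok([self._DEVICES[i] for i in ids if i in self._DEVICES])


if __name__ == "__main__":
    import json
    print(json.dumps(get_device_details(FakeHosts(), "SRV-BUILD-01"), indent=2))
```

The same resolve-then-act pattern (hostname to device id via the query endpoint, then a second call with the ids) is what the proposed getDeviceAlerts, getDeviceVulnerabilities and Hosts responder would reuse; the filter sanitising matters because the observable comes straight from a case and is interpolated into an FQL expression.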
