Cortex XDR × Tines

Integrating Tines’ powerful automation workflows with Cortex XDR’s advanced threat detection capabilities significantly enhances incident response efficiency and precision.

Pre-built templates

With Tines, you can easily take any action that has a defined API. We've already pre-built some of the most popular ones for you, so you can build quickly.

Get Violations List in Cortex XDR
Get Violations in Cortex XDR
Get Scripts List in Cortex XDR
Get Policy in Cortex XDR
Get Incidents in Cortex XDR
Get Extra Incident Data in Cortex XDR
Get Endpoints List in Cortex XDR
Get an Endpoint in Cortex XDR
Get All Endpoints in Cortex XDR
Get Alerts List in Cortex XDR
Delete Endpoints in Cortex XDR
Create isolatation for single endpoint in Cortex XDR

Build your own connections

With Tines, you can easily take any action that has a defined API using an HTTP request. To build even more quickly, copy a cURL command and paste it into the storyboard.

cURL request

curl -v -X GET --location "https://api.nasa.gov/neo/rest/v1/neo/browse?api_key=DEMO_KEY" -H 'Content-Type: application/json'

Paste in your Tines story

Full workflow examples

Explore pre-built workflows for Cortex XDR. Use them for inspiration or as a starting point to build your custom automation solution.

Generate sample security alerts with Tines or Cortex XDR

From the submitter: Generate sample security alerts for alerts retrieved from Tines Cases or Palo Alto's Cortex XDR. This generates a sample file which can be used for testing other automations.

Created by

Conor Dunne

Trusted by industry innovators

CanvaCode42CoinbaseElasticGitLabIntercom
MarsMcKessonOak Ridge National LaboratoryOpenTableSnowflakeReddit

Built by you,
powered by Tines

Already have an account? Log in.