CrowdStrike × Tines

Integrating Tines’ automation platform with CrowdStrike’s endpoint protection empowers organizations to streamline and enhance their cybersecurity operations by automating threat detection and response workflows.

Book a demoSign up free

Pre-built templates

With Tines, you can easily take any action that has a defined API. We've already pre-built some of the most popular ones for you, so you can build quickly.

View the latest security assessment report
Upload multiple IOCs
Upload File to Crowdstrike Falcon Sandbox
Upload a single IOC
Update the incident lifecycle state
Update an alert
Update a host group
Update a detection
Unmark a user
Take action on hosts
Submit uploaded file or a URL for sandbox analysis
Start a single-host RTR session
Set the authorizer for a programmatic account
Search IOCs
Search for the most recent incident alerts and related events
Search for interactive logins
Remove a user from the watchlist
Refresh a session timeout on a single host.
Query the identity protection API with a GraphQL query
Query Severities

Build your own connections

With Tines, you can easily take any action that has a defined API using an HTTP request. To build even more quickly, copy a cURL command and paste it into the storyboard.

cURL request

curl -v -X GET --location "https://api.nasa.gov/neo/rest/v1/neo/browse?api_key=DEMO_KEY" -H 'Content-Type: application/json'

Paste in your Tines story

Full workflow examples

Explore pre-built workflows for CrowdStrike. Use them for inspiration or as a starting point to build your custom automation solution.

Verify CrowdStrike is present on new devices in Jamf

Tools: CrowdStrike, Jamf, Slack

Lookup IOCs in different tools via Slackbot

Tools: AbuseIPDB, Anomali ThreatStream, CrowdStrike, Hunter.io, Hybrid Analysis, MetaDefender, Pulsedive, Slack, URLScan.io, VirusTotal

Manage user accounts in CrowdStrike

Tools: CrowdStrike

By John Peter Vasanth

Generate a CrowdStrike RFM Report with AI

Tools: CrowdStrike

By Tom Power at University of British Columbia

Retrieve raw browser history artifacts from devices in CrowdStrike

Tools: CrowdStrike

By Ahmad Aziz at Booking.com

Track vulnerabilities identified in CrowdStrike Spotlight with Tines cases

Tools: CrowdStrike

By Sam Olson

Connect quickly

It takes minutes, not months, to connect to tools in Tines.

CrowdStrike connect flow

Learn how to authenticate CrowdStrike for use with Tines.

CrowdStrike authentication guide

Learn how to authenticate CrowdStrike for use with Tines.

Explore more resources

Check out our blogs that mention CrowdStrike, browse our learning paths, and more.

Blog

Managing CrowdStrike detections, analyzing behaviors, & containing user devices

Read now

Case studies

Powerful users, powerful studies

Discover how companies – from Fortune 10 to startups – apply Tines to transform the way their teams operate.

Read case studies

Learn

Tines University

Build your knowledge with dedicated learning paths at all levels.

Start learning

Learn

Learn to use Tines with our documentation

Go to docs

Trusted by industry innovators

CanvaCode42CoinbaseElasticGitLabIntercom
MarsMcKessonOak Ridge National LaboratoryOpenTableSnowflakeReddit

Built by you,
powered by Tines

Book a demoSign up free

Already have an account? Log in.