CrowdStrike × Tines

Integrating Tines’ automation platform with CrowdStrike’s endpoint protection empowers organizations to streamline and enhance their cybersecurity operations by automating threat detection and response workflows.

Book a demo Sign up free

Pre-built templates

With Tines, you can easily take any action that has a defined API. We've already pre-built some of the most popular ones for you, so you can build quickly.

View the latest security assessment report

Upload multiple IOCs

Upload File to Crowdstrike Falcon Sandbox

Upload a single IOC

Update the incident lifecycle state

Update an alert

Update a host group

Update a detection

Unmark a user

Take action on hosts

Submit uploaded file or a URL for sandbox analysis

Start a single-host RTR session

Set the authorizer for a programmatic account

Search IOCs

Search for the most recent incident alerts and related events

Search for interactive logins

Search cases in message center

Remove a user from the watchlist

Refresh a session timeout on a single host.

Query the identity protection API with a GraphQL query

Build your own connections

With Tines, you can easily take any action that has a defined API using an HTTP request. To build even more quickly, copy a cURL command and paste it into the storyboard.

cURL request

curl -v   -X GET   --location   "https://api.nasa.gov/neo/rest/v1/neo/browse?api_key=DEMO_KEY"   -H 'Content-Type: application/json'

Paste in your Tines story

Full workflow examples

Explore pre-built workflows for CrowdStrike. Use them for inspiration or as a starting point to build your custom automation solution.

Explore all →

Run a CrowdStrike Real Time Response command

Tools: CrowdStrike

Standardize and enrich EDR alerts across platforms

Tools: CrowdStrike, Jira Software, Slack, VirusTotal

Analyze Crowdstrike detections and report in Jira and Microsoft Teams

Tools: CrowdStrike, Jira Software, Microsoft, Microsoft Teams

Analyze and triage suspicious emails with various tools

Tools: CrowdStrike, EmailRep, Jira Software, NextDNS, URLScan.io, VirusTotal

Ingest, analyze and store IOCs with Tines

Tools: AbuseIPDB, CrowdStrike, GreyNoise, Pulsedive, Sublime Security, Tines, URLScan.io, VirusTotal

Check CrowdStrike agent is installed on new devices provisioned

Tools: CrowdStrike, Qualys, ServiceNow, Slack

Connect quickly

It takes minutes, not months, to connect to tools in Tines.

CrowdStrike connect flow

Learn how to authenticate CrowdStrike for use with Tines.

CrowdStrike authentication guide

Learn how to authenticate CrowdStrike for use with Tines.

Explore more resources

Check out our blogs that mention CrowdStrike, browse our learning paths, and more.

Blog

Managing CrowdStrike detections, analyzing behaviors, & containing user devices

Read now

Case studies

Powerful users, powerful studies

Discover how companies – from Fortune 10 to startups – apply Tines to transform the way their teams operate.

Read case studies

Learn

Tines University

Build your knowledge with dedicated learning paths at all levels.

Start learning

Learn

Learn to use Tines with our documentation

Go to docs

Trusted by industry innovators

Built by you,
powered by Tines

Book a demo Sign up free

Meet the product

Cases

Workbench

AI in Tines

Build apps

What’s new?

By product

Professional services

Partners

Tines Blog →

Case studies

Library

University

Tines Explained ↗

Customer center

About

Careers

Contact

Slack Community ↗

Newsroom