CrowdStrike × Tines

Integrating Tines’ automation platform with CrowdStrike’s endpoint protection empowers organizations to streamline and enhance their cybersecurity operations by automating threat detection and response workflows.

Book a demo Sign up free

Pre-built templates

With Tines, you can easily take any action that has a defined API. We've already pre-built some of the most popular ones for you, so you can build quickly.

View the latest security assessment report

Upload multiple IOCs

Upload File to Crowdstrike Falcon Sandbox

Upload a single IOC

Update the incident lifecycle state

Update incidents

Update an alert

Update a host group

Update a detection

Unmark a user

Take action on hosts

Submit uploaded file or a URL for sandbox analysis

Start a single-host RTR session

Show role IDs for all roles available in your customer account

Set the authorizer for a programmatic account

Set precedence of Firewall Policies based on order of ID

Search workflow executions

Search workflow definitions

Search IOCs

Search for triggers by namespace identifier

Build your own connections

With Tines, you can easily take any action that has a defined API using an HTTP request. To build even more quickly, copy a cURL command and paste it into the storyboard.

cURL request

curl -v   -X GET   --location   "https://api.nasa.gov/neo/rest/v1/neo/browse?api_key=DEMO_KEY"   -H 'Content-Type: application/json'

Paste in your Tines story

Full workflow examples

Explore pre-built workflows for CrowdStrike. Use them for inspiration or as a starting point to build your custom automation solution.

Explore all →

Respond to alerts from various tools with the AI Agent Action

Tools: CrowdStrike, SentinelOne

Triage alerts with agents using SOPs in Confluence

Tools: AbuseIPDB, Confluence, CrowdStrike, EmailRep, Okta, Slack, Tavily, Tines, URLScan.io, VirusTotal

Add CrowdStrike Spotlight vulnerability evidence to Drata

Tools: CrowdStrike, Drata

Export CrowdStrike detections to Google Cloud Storage as CSV

Tools: CrowdStrike, Google Cloud Storage

Export CrowdStrike detections to OneDrive as CSV

Tools: CrowdStrike, Microsoft OneDrive

Lookup IOCs in different tools via Slackbot

Tools: Abuse.ch, AbuseIPDB, Anomali ThreatStream, CrowdStrike, Hunter.io, Hybrid Analysis, MetaDefender, Pulsedive, Slack, URLScan.io, VirusTotal

Connect quickly

It takes minutes, not months, to connect to tools in Tines.

CrowdStrike connect flow

Learn how to authenticate CrowdStrike for use with Tines.

CrowdStrike authentication guide

Learn how to authenticate CrowdStrike for use with Tines.

Explore more resources

Check out our blogs that mention CrowdStrike, browse our learning paths, and more.

Blog

Managing CrowdStrike detections, analyzing behaviors, & containing user devices

Read now

Case studies

Powerful users, powerful studies

Discover how companies – from Fortune 10 to startups – apply Tines to transform the way their teams operate.

Read case studies

Learn

Tines University

Build your knowledge with dedicated learning paths at all levels.

Start learning

Learn

Learn to use Tines with our documentation

Go to docs

Trusted by industry innovators

Built by you,
powered by Tines

Book a demo Sign up free

By product

Professional services

Partners

Tines Blog →

Case studies

Library

University

Tines Explained ↗

Customer center

Careers

About

Tines Store ↗