
Enrich CrowdStrike detections with Active Directory and correlate in Jira tickets

The story lists CrowdStrike EPP alerts and, for each alert, looks up the device owner in Active Directory. Each alert is then documented in Jira, either in a new ticket or in an existing ticket when the alert is related to one already recorded. Whether two alerts are related is decided by a unique identifier built from the "hostname, filename/path/hash" of each behaviour.

How it works

Import this story to your tenant, from where you can adapt it to meet your unique needs.
