Core capabilities
Our core capabilities highlight the most popular stories in Tines by function. It's a great place to find inspiration for what to build first.
Founded in security, we understand how workflows and automation streamline incident response processes to allow you to focus on more complex strategic tasks.
Tools: URLScan.io
Tools: ServiceNow, Splunk
Tools: EmailRep, URLScan.io, VirusTotal
Tools: VirusTotal
Tools: Hybrid Analysis
Leverage workflows to identify true positive alerts from your endpoint detection tools. Integrate threat intelligence into those workflows to prevent ongoing campaigns or known attacks.
This Story will run a given CrowdStrike RTR command against a provided Host ID. All default RTR scripts can be used.
Tools: CrowdStrike
Get EDR alerts for applications and services that Carbon Black has started or stopped on a system. Enrich application information using VirusTotal, generate a ticket in Jira and record the details, then isolate a machine if deemed malicious.
Tools: CarbonBlack, Jira Software, PagerDuty, VirusTotal
Query SentinelOne for unresolved threats, verify their maliciousness, and take remedial action. Notify users via email and gather the information in Jira.
Tools: Jira Software, SentinelOne, VirusTotal
Pulls a list of new CrowdStrike Detections, flags them as in progress in CrowdStrike, and gets the detection details for each one. For each detection, the individual behaviors are examined, and the process hash is checked in VirusTotal to see if it is known malicious. Where there is a provided IOC as part of the behavior, this is also checked in VirusTotal. A Jira ticket is created for each Detection, and a message is sent to a Slack Channel.
Tools: CrowdStrike, Jira Software, Slack, VirusTotal
Vulnerability management is an ongoing process that can contain repetitive tasks. Automation can streamline the creation, updating, and closure of vulnerability reports and tickets, simplifying the ticket management process.
Tools: Qualys
Tools: Automox, CrowdStrike, Jira Software
Tools: Fleet
By Dave Herder at Fleet
Tools: GreyNoise, Jira Software, Slack, Tenable Vulnerability Management
Tools: Jira Software, JupiterOne
Incorporating automated workflows into Data Loss Prevention (DLP) helps you detect exposed or sensitive data and set access restrictions to this data. By creating solutions around these tools, you can both detect possible issues and speed up remediation times of DLP incidents.