Skip to main content

Initial CrowdStrike Case Creation - Workflow Template

Receives an alert event from CrowdStrike and creates a case with Torq using the field mapping nested workflow.

Updated yesterday

This workflow template, "Initial CrowdStrike Case Creation," automates the response to cybersecurity alerts by seamlessly integrating CrowdStrike and Torq. It initiates when it receives an alert from CrowdStrike and proceeds to create a structured case in Torq. The template maps alert fields to a predefined case layout, ensuring all relevant information is captured and organized for efficient case management and incident response. This process is enhanced by a nested workflow, which facilitates the field mapping necessary for customized case creation, aligning with best practices in case management.

Take Me to the Template

Trigger

CrowdStrike

Use Cases

Case Management

Workflow Breakdown

  1. Receives an alert event on a CrowdStrike Trigger.

  2. Map alert fields to a predefined case layout.

  3. Creates a new case for the alert with a predefined layout.

Vendors

Utils, CrowdStrike, Torq Cases

Tips

Related Articles
Create a Torq Case from a QRadar Offense - Workflow Template
Initial Microsoft Defender for Endpoint Case Creation - Workflow Template
Initial Intezer Case Creation - Workflow Template
Poll for new CrowdStrike Alerts and Open a Torq Case - Workflow Template
Initial SentinelOne Case Creation - Workflow Template
Did this answer your question?