
Workflow Template: Initial CrowdStrike Case Creation

Receives an alert event from CrowdStrike and creates a case with Torq using the field mapping nested workflow.

Updated yesterday

The "Initial CrowdStrike Case Creation" workflow template streamlines incident response by automating the creation of cases from CrowdStrike alerts. Upon receiving an alert, the workflow maps alert fields to a predefined case layout and generates a new case, ensuring consistent and efficient case management. This process enhances security operations by reducing manual effort and accelerating response times, allowing teams to focus on critical threat analysis and mitigation.

Trigger

CrowdStrike

Use Cases

Case Management

Workflow Breakdown

  1. Receives an alert event on a CrowdStrike Trigger.

  2. Maps alert fields to a predefined case layout.

  3. Creates a new case for the alert with a predefined layout.

Vendors

Utils, CrowdStrike, Torq Cases

Tips
