CrowdStrike - Alert Triage
- 02 Apr 2025
- 1 Minute to read
- DarkLight
- PDF
CrowdStrike - Alert Triage
- Updated on 02 Apr 2025
- 1 Minute to read
- DarkLight
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback!
CrowdStrike - Alert Triage
Description
CrowdStrike Alert Triage is an automated solution that helps security teams quickly triage and investigate alerts from CrowdStrike Falcon, a cloud-native endpoint protection platform. Security teams can quickly identify and prioritize potential threats, reducing the time and effort needed to investigate and respond to alerts. CrowdStrike Alert Triage automates the process of alert triage, allowing teams to quickly and accurately identify threats, prioritize the most important alerts, and take action on them. This solution also provides detailed reporting and analytics, giving teams the insights they need to better understand their security posture and take proactive measures to protect their organization. With CrowdStrike Alert Triage, security teams can reduce alert fatigue, improve response times, and gain better visibility into their security posture.
Trigger Request
HTTP Post Request
Headers:
| Key | Value |
|---|---|
| Content-Type | application/json |
- Json body parameters:
| Parameters | Type | Description |
|---|---|---|
| alertID | string | CDC alert ID to send the flow output to. |
| alertName | string | CDC alert name of the provided alert ID. |
| detectionID | string | CrowdStrike detection ID to triage. |
Supported CDC Versions
- 2.8
Was this article helpful?