Triage for CrowdStrike alert (multitenant)
- Updated on 02 Apr 2025
Description
Triage for CrowdStrike Alert (Multi-Tenant) is an automated workflow that streamlines the response to security alerts generated by CrowdStrike. It automates alert triage: determining the severity of the alert and taking the appropriate action, so that organizations can assess alerts efficiently and identify and respond to threats quickly. It is designed for organizations of all sizes, from small businesses to large enterprises, and can handle multiple tenants simultaneously. Using it reduces the risk of a security breach and improves an organization's overall security posture.
Trigger Request
HTTP POST request
Headers:
| Key | Value |
|---|---|
| Content-Type | application/json |

JSON body parameters:
| Parameters | Type | Description |
|---|---|---|
| alertID | string | The CDC alert ID that triggered the playbook. |
| detectionID | string | The CrowdStrike detection ID that triggered the alert. |
Supported CDC Versions
- 2.8