Crowdstrike Detections to Jira and Slack
Analyzes Crowdstrike detections, searches for IOCs in VirusTotal, creates Jira tickets, and posts notifications to Slack.
About This Workflow
Overview
This workflow automates the process of handling security alerts from Crowdstrike. When a new detection occurs, it retrieves detailed information, enriches it by searching for Indicators of Compromise (IOCs) in VirusTotal, creates a detailed ticket in Jira for incident response, and sends a notification to Slack for immediate awareness.
Key Features
- Automatically fetches recent detections from Crowdstrike.
- Enriches detections with IOC analysis from VirusTotal.
- Generates detailed Jira tickets for each detection.
- Sends summary notifications to Slack.
How To Use
- Configure Credentials: Set up credentials for Crowdstrike, VirusTotal, Jira, and Slack in n8n.
- Set Environment Variables: Define necessary environment variables like API_BASE_URL, WEBHOOK_URL, etc.
- Adjust Node Configurations: Modify the URL and authentication details in the httpRequest nodes for Crowdstrike and VirusTotal.
- Configure Jira Project and Issue Type: Select the appropriate Jira project and issue type.
- Customize Slack Notifications: Adjust the Slack message content and recipient as needed.
- Enable and Schedule: Enable the workflow and set the desired schedule for the Schedule Trigger node.
Workflow JSON
{
"id": "1b988612-e2d2-40d8-bd4e-f2afc99a06d1",
"name": "Crowdstrike Detections to Jira and Slack",
"nodes": 0,
"category": "Security Automation",
"status": "active",
"version": "1.0.0"
}
Note: This is a sample preview. The full workflow JSON contains node configurations, credentials placeholders, and execution logic.
About the Author
SaaS_Connector
Integration Guru
Connecting CRM, Notion, and Slack to automate your life.