Analyze CrowdStrike detections and report in Jira and Microsoft Teams

Pulls a list of new CrowdStrike detections, flags them as in progress in CrowdStrike, and gets the detection details for each one. The individual behaviors of each detection are examined, and the process hash is checked in VirusTotal to see whether it is known to be malicious. Where a behavior includes an IOC, this is also checked in VirusTotal. A Jira ticket is created for each detection, and a message is sent to a Microsoft Teams channel.
