The Tines library, curated by the team behind the orchestration, AI, and automation platform Tines, offers a collection of pre-built workflows shared by real security practitioners. These workflows are available for free import and deployment through the Community Edition of the platform. The bi-annual “You Did What with Tines?!” competition showcases innovative workflows submitted by users, demonstrating practical applications of large language models (LLMs) in addressing complex security operation challenges.
One winning workflow from the competition automates reporting on CrowdStrike Falcon Sensor reduced functionality mode (RFM). Created by Tom Power, a security analyst at The University of British Columbia, this workflow leverages orchestration, AI, and automation to streamline manual reporting processes. By automating the tracking and reporting of Falcon Sensor RFM across hosts, the workflow significantly reduces the time spent on manual reporting tasks.
The workflow developed by Tom Power eliminates the need for manual reporting by enabling analysts to submit requests through a simple web form. Through Tines’ AI-driven Automatic Mode, the workflow generates custom code to facilitate report creation efficiently. It not only produces consistent reports but also allows for monitoring trends in RFM occurrences, aiding proactive system health management and quicker decision-making.
Key benefits of implementing this automated workflow include freeing up analysts to focus on high-priority cybersecurity tasks, reducing manual effort and human error, delivering reliable reports for enhanced productivity, providing real-time insights for better decision-making, and boosting morale by eliminating tedious tasks. By automating the steps involved in generating RFM reports, the workflow ensures efficiency, accuracy, and up-to-date reporting on devices in reduced functionality mode.
To configure and deploy the workflow in Tines, users can follow a step-by-step guide that includes logging into Tines or creating a new account, enabling AI, creating CrowdStrike credentials, importing the pre-built workflow from the library, configuring actions, testing the workflow, and publishing it for use. The workflow’s unique features, such as Pages for web form submissions and Event Transform in Automatic Mode for AI-driven code composition, set it apart from other automation platforms. Interested users can sign up for a free account to explore AI functionalities in Tines and test out this workflow.