December 13, 2024 at 07:33AM
The Tines library offers free, pre-built workflows for security operations, including an award-winning automated reporting system for CrowdStrike RFM by Tom Power. This workflow streamlines manual processes, saving over 25 hours annually, enhances decision-making, and reduces errors, thereby allowing analysts to focus on critical cybersecurity tasks.
### Meeting Takeaways
1. **Overview of Tines and Workflow Library**:
– Tines offers a library of pre-built workflows created by community security practitioners, which are free to use via the Community Edition.
2. **Competition Highlight**:
– The “You Did What with Tines?!” competition showcases innovative user workflows, including those utilizing large language models to solve security operations challenges.
3. **Featured Automated Workflow**:
– A notable winning workflow automates CrowdStrike RFM reporting, developed by Tom Power from The University of British Columbia, significantly reducing manual reporting time.
4. **Problem Identification**:
– The manual reporting process took about 30 minutes weekly, totaling over 25 hours yearly, and was essential for identifying issues with CrowdStrike sensors and kernel updates.
5. **Workflow Solution**:
– The automated workflow streamlines the tracking and reporting of Falcon Sensor RFM, providing regular reports and insights without manual intervention.
6. **Key Benefits**:
– Frees up analyst time for critical tasks, reduces human error, ensures consistent reporting, enhances decision-making with real-time insights, and boosts team morale.
7. **Workflow Tools Used**:
– Tines (for orchestration and automation) and CrowdStrike (for endpoint data retrieval via API).
8. **Automation Process Description**:
– The workflow triggers from a web form submission, retrieves device data, consolidates it for analysis, generates reports, and emails them while maintaining data hygiene.
9. **Workflow Configuration Steps**:
– Accounts must be set up with AI enabled, credentials created, workflows imported and configured, followed by testing and publishing.
10. **Alternative Automation Options**:
– While other no-code platforms can build similar workflows, certain Tines features (like Pages and Automatic Mode) offer unique advantages.
11. **Call to Action**:
– Interested users can sign up for a free Tines account, including access to AI functionality, to explore or implement the workflow.
### Next Steps
– Consider participating in the next competition to share innovative workflows.
– Explore further integrations using Tines’ capabilities for improved operational efficiency in security tasks.