Demo Tools Workflows
Simulate CrowdStrike Alert
This Workflow generates a sample alert, which is one of two possible CrowdStrike alerts. These alerts serve as examples for deduplication testing: they demonstrate how deduplication can occur based on Hash or IP Address, while it does not occur when using Username.
Simulate Multiple Alerts from Different Sources
This workflow generates example alerts from Okta, Proofpoint, and CrowdStrike, used in a demo to show alert enrichment, deduplication, and missing template scenarios.
USE WITH CARE - Reset Environment
This Workflow resets the entire Case Management environment by removing all cases, alerts, and observables.