Customer is a leading SIEM solution provider.
They provide a platform for companies to aggregate and act upon Threat Intelligence.
Customer requested for the integration of their product with CrowdStrike Falcon
- Sacumen developed the Connector app that collects and process logs from the CrowdStrike Falcon platform through CrowdStrike Falcon SIEM Connector
- CrowdStrike Falcon SIEM Connector collects the events data from CrowdStrike Falcon platform by making API calls to the CrowdStrike Falcon platform
- CrowdStrike Falcon SIEM Connector then pushes Syslog data to Syslog server.
- Connector app processed the incoming Syslog, parses it, maps to events fields and feed into the SIEM Platform