Category: Tag:
OTHER ENDPOINT PROTECTION CASE STUDY

CrowdStrike Falcon integration with SIEM Platform

Categories

SIEM Integration

DevOps

Ticketing system

Cloud Applications

Data Protection

Threat Intelligence

Cloud Monitoring

Cloud Storage

EndPoint Protection

Connector Factory Model

CRM

Cloud Security

Secure Access

DNS

Authentication

Database

IAM

Incident Response

Firewall

Security Ratings

Collaboration

Encryption

Application Security

HCM

DLP

Customer

Customer is a leading SIEM solution provider.

They provide a platform for companies to aggregate and act upon Threat Intelligence.

Requirement

Customer requested for the integration of their product with Carbon Black

Sacumen-case studies

Technology Solution

Sacumen developed the Connector app that enhances the threat detection capabilities of SIEM platform by collecting and analysing log data from the Carbon Black applications and provides orchestration actions to streamline incident response activities.

CB Response, CB Protection, CB Defense sends the Syslog to the SIEM’s syslog server. Connector App processed the incoming syslog, parses it, maps to events fields and feed into the SIEM Platform.

SIEM initiates call to CB Response to isolate an endpoint instantly – through a user-executed action or an automated rule. Connector makes REST API call to CB Response to isolate an endpoint.

Download Case Study

Do you need free Consultation for your security product integration?

    There are no reviews yet.

    Be the first to review “Carbon Black Integration with SIEM Platform”

    related products