Category: Tag:

Customer

Customer’s Threat Intelligence platform enriches every stage of your security operations workflow from your trusted and relevant data sources.

Requirement

The Client requested for the integration of their Threat Intelligence platform with the LogRhythm so that their clients can view the Indicators of Compromise (IOC) data in LogRhythm’s console

data-protection

Technology Solution

Sacumen developed the Powershell based agent app

Powershell Agent used a configuration file in the Agent’s config folder to configure the Client’s URL, API Key and other required configuration parameters.

Powershell Agent made REST calls to Client’s platform to retrieve events data in CSV format.

Powershell Agent parsed the data and write in LEEF format

Events mapping was done against the LogRhythm field and custom events were defined

Do you need free Consultation for your security product integration?

    There are no reviews yet.

    Be the first to review “Threat Intelligence Platform integration with LogRhythm”