elastic / integrations

Elastic Integrations
https://www.elastic.co/integrations

[Symantec] Combining EDR Cloud and SES Integrations #10212

Open jamiehynds opened 1 week ago

jamiehynds commented 1 week ago

We currently have 3 Symantec integrations, which can easily cause confusion for users. We have (1) Symantec EDR Cloud, (2) Symantec Endpoint Protection and (3) Symantec Endpoint Security.

Symantec EDR Cloud does not align to any Symantec product, and is limited in scope to ingesting Incidents via Symantec's API. This EDR Cloud integration is actually collecting data from Symantec Endpoint Security (SES).

Can we deprecate the EDR Cloud integration and fold the data streams, pipelines and dashboards into the SES integration? Pipelines and dashboards will need to be updated to ensure custom field mappings align with the current SES pipeline.

Once these integrations are combined into the SES integration, we can discuss the SEP and SES descriptions, to ensure it's clear the product(s) that each integration covers.

jamiehynds commented 1 week ago

@piyush-elastic as discussed, can we please fold the EDR Cloud integration into SES, and deprecate EDR Cloud?

piyushw-crest commented 1 week ago

Sure @jamiehynds - will consider this as an enhancement please.