elasticmachine
commented
3 years ago Pinging @elastic/security-external-integrations (Team:Security-External Integrations)
Open jamiehynds opened 3 years ago
elasticmachine
commented
3 years ago Pinging @elastic/security-external-integrations (Team:Security-External Integrations)
botelastic[bot]
commented
2 years ago Hi! We just realized that we haven't looked into this issue in a while. We're sorry! We're labeling this issue as Stale to make it hit our filters and make sure we get back to it as soon as possible. In the meantime, it'd be extremely helpful if you could take a look at it as well and confirm its relevance. A simple comment with a nice emoji will be enough :+1. Thank you for your contribution!
jamiehynds
commented
2 years ago Keeping this open.
botelastic[bot]
commented
1 year ago Hi! We just realized that we haven't looked into this issue in a while. We're sorry! We're labeling this issue as Stale to make it hit our filters and make sure we get back to it as soon as possible. In the meantime, it'd be extremely helpful if you could take a look at it as well and confirm its relevance. A simple comment with a nice emoji will be enough :+1. Thank you for your contribution!
Description
Forcepoint CASB enables organizations to control the sharing of sensitive data and files through granular file-sharing policies. You can allow sharing for specific users or departments, enforce whitelists or blacklists of external users and domains, or block sensitive files from being shared. Data sheet available here.
Architecture
Forcepoint provides a 'CASB SIEM Tool' to pull data from their CASB, Filebeat/Agent can then be used to ship the data to Elastic. A good example of a similar SIEM integration is available here.
Integration release checklist
This checklist is intended for integrations maintainers to ensure consistency when creating or updating a Package, Module or Dataset for an Integration.
All changes
New Package
Dashboards changes
Log dataset changes
sample_event.json) exists