elastic / integrations

Elastic Integrations
https://www.elastic.co/integrations

Cybereason #1192

Closed jamiehynds closed 3 months ago

jamiehynds commented 3 years ago

Description

Cybereason EDR is a full-featured EDR solution designed to catch, analyze, and defend against highly advanced network threats in real-time directly at the endpoint. Cybereason allows organizations to correlate data across machines and generate contextualized alerts to monitor threats as they’re discovered at any point in the attack chain.

Architecture

An API is available, but there is no public documentation. Users have to request an API key directly from Cybereason. Sample event available here.

Worth noting, an existing experimental FortiClient integration exists. This will be deprecated upon release of a new FortiClient integration.

Integration release checklist

This checklist is intended for integrations maintainers to ensure consistency when creating or updating a Package, Module or Dataset for an Integration.

All changes

New Package

Dashboards changes

Log dataset changes

elasticmachine commented 3 years ago

Pinging @elastic/security-external-integrations (Team:Security-External Integrations)

botelastic[bot] commented 2 years ago

Hi! We just realized that we haven't looked into this issue in a while. We're sorry! We're labeling this issue as Stale to make it hit our filters and make sure we get back to it as soon as possible. In the meantime, it'd be extremely helpful if you could take a look at it as well and confirm its relevance. A simple comment with a nice emoji will be enough :+1. Thank you for your contribution!

SourinPaul commented 10 months ago

@jamiehynds this issue is currently not in the security-teams repo. Hence, I could not assign the v8.13.0 label to this issue.

Can you please update this label? Thanks!

jamiehynds commented 10 months ago

@SourinPaul label added.