QRadar XDR


Cynet EDR Integration to QROC

  • 1.  Cynet EDR Integration to QROC

    IBM Select
    Posted Thu June 10, 2021 10:45 AM
    Hi Team,

    I'm planning to integrate Cynet EDR with the QROC platform; I checked and no DSM is available.
    I would like to know what port, protocol, event format, and other configuration methods and recommendations were followed for a successful integration. Do let me know if there are any other standard guidelines to follow for this integration.

    Appreciate your help and support. Thanks.




    ------------------------------
    Thirumurugan A
    ------------------------------


  • 2.  RE: Cynet EDR Integration to QROC

    Posted Mon September 13, 2021 10:40 AM
    Hi, I successfully integrated Cynet360 logs (events and audit logs) into IBM QRadar. This is possible in different ways (Cynet360 is available as SaaS and also on premises):

    1. Sending logs via syslog and building the CEF parser, which is a simple operation on IBM QRadar
    2. Writing the Cynet360 logs to an Amazon S3 bucket and reading them with IBM QRadar, which has the Amazon S3 API protocol

    For more details you can write to me directly.

    ------------------------------
    raffaele amodeo
    ------------------------------
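
The first option in the reply above relies on CEF carried over syslog. As an added example (not code from the thread, Cynet or IBM), this Python parser splits such a line into its CEF header fields and extension key/value pairs, handling escaped `|` and `=`, which helps when checking what a sample event carries before mapping fields in QRadar. The sample event, its vendor and product names and all field values are constructed placeholders, not real Cynet360 output.

```python
import re

# CEF header fields, in order, after the "CEF:" marker.
HEADER_FIELDS = ["version", "device_vendor", "device_product", "device_version",
                 "event_class_id", "name", "severity"]
_FIELD = r"((?:\\.|[^|\\])*)"                      # one header field; backslash escapes allowed
_HEADER = re.compile(r"\|".join([_FIELD] * 7) + r"(?:\|(.*))?$", re.DOTALL)
_KEY = re.compile(r"(?:^|\s)([\w.\-\[\]]+)=")      # extension key; an escaped "=" never matches
_ESCAPES = {"n": "\n", "r": "\r"}

# Constructed sample event: vendor, product and field values are placeholders,
# not real Cynet360 output.
SAMPLE = (r"<134>Sep 13 10:40:00 edr-host CEF:0|ExampleVendor|ExampleEDR|1.0|100|"
          r"Malicious file \| quarantined|8|src=10.0.0.5 suser=jdoe "
          r"msg=Blocked C:\\Temp\\a\=b.exe on host act=quarantine")

def _unescape(value):
    """Resolve CEF backslash escapes such as an escaped pipe, equals sign or newline."""
    return re.sub(r"\\(.)", lambda m: _ESCAPES.get(m.group(1), m.group(1)), value)

def parse_extension(ext):
    """Split 'k1=v1 k2=v2 ...' into a dict; values may contain spaces."""
    matches = list(_KEY.finditer(ext))
    out = {}
    for m, nxt in zip(matches, matches[1:] + [None]):
        end = nxt.start() if nxt else len(ext)     # value runs up to the next key
        out[m.group(1)] = _unescape(ext[m.end():end].strip())
    return out

def parse_cef(line):
    """Parse one syslog line carrying a CEF event into a dict."""
    start = line.find("CEF:")
    if start < 0:
        raise ValueError("no CEF marker in line")
    m = _HEADER.match(line[start + 4:])
    if m is None:
        raise ValueError("malformed CEF header")
    event = {k: _unescape(v) for k, v in zip(HEADER_FIELDS, m.groups())}
    event["syslog_prefix"] = line[:start].strip()
    event["extension"] = parse_extension(m.group(8) or "")
    return event

if __name__ == "__main__":
    print(parse_cef(SAMPLE))
```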