Cybereason EDR detects and responds to advanced attacks. The detection capabilities analyze collected data, classify events that occur on endpoints, and apply proprietary detection rules to identify threats. The response capabilities consolidate intelligence about an attack into a single visual representation that provides a complete timeline of the attack, the flow of malware across processes and users, and all incoming and outgoing communications for affected machines. Remediation actions can be automated or executed remotely.
Configuring the Connector for Cybereason EDR #
To configure Lucidum to ingest data from Cybereason EDR:
-
Log in to Lucidum.
-
In the left pane, click Connector.
-
In the Connector page, click Add Connector.
-
Scroll until you find the Connector you want to configure. Click Connect. The Settings page appears.
-
In the Settings page, enter the following:
-
URL (required): The URL of the Cybereason API
-
Username and Password (required): Cybereason username and password
-
Verify SSL. For future use.
-
-
To test the configuration, click Test.
-
If the connector is configured correctly, Lucidum displays a list of services that are accessible with the connector.
-
If the connector is not configured correctly, Lucidum displays an error message.
-