Darktrace PREVENT (previously Enterprise Immune System) provides continuous monitoring of your attack surface for risks, high-impact vulnerabilities and external threats and actionable insights.
Configuring the Connector for Darktrace Enterprise Immune System #
To configure Lucidum to ingest data from Darktrace Enterprise Immune System :
-
Log in to Lucidum.
-
In the left pane, click Connector.
-
In the Connector page, click Add Connector.
-
Scroll until you find the Connector you want to configure. Click Connect. The Settings page appears.
-
In the Settings page, enter the following:
-
Host and Port (required): The host and port of the Darktrace API
-
Public API Key and Private API Key (required) – Darktrace API public and private API keys.
-
Verify SSL. For future use.
-
-
To test the configuration, click Test.
-
If the connector is configured correctly, Lucidum displays a list of services that are accessible with the connector.
-
If the connector is not configured correctly, Lucidum displays an error message.
-
API Documentation #
Log in to the Darktrace Customer Portal for API documentation:
https://customerportal.darktrace.com/login