Use Cybereason in your Security Ecosystem (Integrators)

Your security ecosystem often includes various tools. Depending on how you use the Cybereason platform, you integrate your Cybereason platform:

  • For integrations hosted on other platforms, you connect your Cybereason environment with these platforms to share Cybereason-related data in the other platform.

  • For integrations supported by Cybereason XDR, you set up the integration to enable your Cybereason platform (through your Google Chronicle instance) to retrieve and use the log data from numerous other platforms.

What integrations are available?

There are numerous integrations available for your Cybereason environment. Integrations differ depending on the type of data used by the integration:

  • EDR-based integrations which retrieve MalOps, investigation query results, sensor data, or reputation information from your Cybereason platform and share data with your Cybereason platform as well as enable you to perform Cybereason-related actions from the other platform. These integrations are hosted in the third-party integration platform.

  • XDR-based integrations that retrieve log source data from other platforms to use this data along with existing data from endpoint machines and container/Kubernetes cluster data.

For a full and up-to-date list of all integrations, see the Cybereason Integrations page in the Nest. You can sort this page to display either EDR or XDR integrations as needed.

In addition, you can use other methods to retrieve Cybereason data to build your own custom integration:

Videos

Splunk integration:

QRadar integration:

Demisto integration:

IBM Resilient integration:

ServiceNow integration:

Splunk Phantom integration: