Cybereason Deep Detect & Respond

Cybereason Deep Detect & Respond (EDR) defends against advanced attacks by collecting and analyzing behavioral data to identify suspicious activities.

The Cybereason Deep Detect & Respond adapter requries the following parameters:

1. Cyberreason Domain - Use your Tanium domain.
2. User Name and Password - The user name and password of a read-only user.
3. Verify SSL - Choose whether to verify the SSL certificate of the server.
4. HTTPS Proxy (optional) - You can configure a proxy specifically to the adapter instead of directly approaching the domain.
5. Choose Instance - If you are using multi-nodes, choose the Axonius node that is integrated with the adapter. By default, the 'Master' Axonius node (instance) is used. For details, see Connecting Additional Axonius Nodes

Configuring Cybereason Advanced Settings

To configure the Cybereason Deep Detect & Respond adapter advanced settings, open the Cybereason Deep Detect & Respond adapter screen, click Advanced Settings, and then click the Cybereason Configuration tab:

• Custom Tags Whitelist - Specify a comma-separated list of Cybereason tags. This field will tell the adapter to collect only devices tagged with any of the comma-separated list of Cybereason tags you have specified.