.png?sv=2019-07-07&sig=8%2BOxU12uG6HhQhjZBWe2YW0co8o6%2B%2Fw5RUw6n6dNKwU%3D&spr=https%2Chttp&st=2023-06-05T14%3A20%3A58Z&se=2023-06-05T14%3A30%3A58Z&srt=o&ss=b&sp=r){kind=logo}
Cybereason Deep Detect & Respond
- 08 Nov 2022
- 1 Minute to read
- Print
- DarkLight
- PDF
Cybereason Deep Detect & Respond
- Updated on 08 Nov 2022
- 1 Minute to read
- Print
- DarkLight
- PDF
Article Summary
Cybereason Deep Detect & Respond (EDR) defends against advanced attacks by collecting and analyzing behavioral data to identify suspicious activities.
Parameters
Cybereason Domain (required) - The hostname of the Cybereason server.
User Name and Password (required) - The user name and password for an account that has read access to the API.
Verify SSL - Select to verify the SSL certificate offered by the value supplied in Cybereason Domain. For more details, see SSL Trust & CA Settings.
HTTPS Proxy (optional) - A proxy to use when connecting to the value supplied in Cybereason Domain.
For details on the common adapter connection parameters and buttons, see Adding a New Adapter Connection.
Advanced Settings
Note:
From Version 4.6, Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to Advanced Configuration for Adapters.
- Custom tags Include list (optional) - Specify a comma-separated list of Cybereason tags.
- If supplied, all connections for this adapter will only fetch devices tagged with any of the comma-separated list of Cybereason tags you have specified.
- If not supplied, all connections for this adapter will fetch any device.
- Avoid hostname duplications - When selected, if two or more devices have the same hostname, only the device with the latest last_seen value is fetched.
- Ignore stale agents - Select to ignore agents with a 'Stale' status.
Note:
For details on general advanced settings under the Adapter Configuration tab, see Adapter Advanced Settings.