.png?sv=2019-07-07&sig=DKrIa6UiKzHt0EzUnj0SGFwvH0drj0t1nRiDac%2BmH9I%3D&spr=https%2Chttp&st=2022-12-04T06%3A18%3A30Z&se=2022-12-04T06%3A28%3A30Z&srt=o&ss=b&sp=r){kind=logo}
Cybereason Deep Detect & Respond
- 08 Nov 2022
- 1 Minute to read
-
Print
-
DarkLight
-
PDF
Cybereason Deep Detect & Respond
- Updated on 08 Nov 2022
- 1 Minute to read
-
Print
-
DarkLight
-
PDF
Cybereason Deep Detect & Respond (EDR) defends against advanced attacks by collecting and analyzing behavioral data to identify suspicious activities.
Parameters
-
Cybereason Domain (required) - The hostname of the Cybereason server.
-
User Name and Password (required) - The user name and password for an account that has read access to the API.
-
Verify SSL - Select to verify the SSL certificate offered by the value supplied in Cybereason Domain. For more details, see SSL Trust & CA Settings.
-
HTTPS Proxy (optional) - A proxy to use when connecting to the value supplied in Cybereason Domain.
-
For details on the common adapter connection parameters and buttons, see Adding a New Adapter Connection.
Advanced Settings
Note:
From Version 4.6, Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to Advanced Configuration for Adapters.
- Custom tags Include list (optional) - Specify a comma-separated list of Cybereason tags.
- If supplied, all connections for this adapter will only fetch devices tagged with any of the comma-separated list of Cybereason tags you have specified.
- If not supplied, all connections for this adapter will fetch any device.
- Avoid hostname duplications - When selected, if two or more devices have the same hostname, only the device with the latest last_seen value is fetched.
- Ignore stale agents - Select to ignore agents with a 'Stale' status.
Note:
For details on general advanced settings under the Adapter Configuration tab, see Adapter Advanced Settings.