- 21 Oct 2023
- 1 Minute to read
Cybereason Deep Detect & Respond
- Updated on 21 Oct 2023
- 1 Minute to read
Cybereason Deep Detect & Respond (EDR) defends against advanced attacks by collecting and analyzing behavioral data to identify suspicious activities.
This adapter fetches the following types of assets:
Cybereason Domain (required) - The hostname of the Cybereason server.
User Name and Password (required) - The user name and password for an account that has read access to the API.
Verify SSL - Select to verify the SSL certificate offered by the value supplied in Cybereason Domain. For more details, see SSL Trust & CA Settings.
HTTPS Proxy (optional) - A proxy to use when connecting to the value supplied in Cybereason Domain.
For details on the common adapter connection parameters and buttons, see Adding a New Adapter Connection.
Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to Advanced Configuration for Adapters.
Custom tags Include list (optional) - Specify a comma-separated list of Cybereason tags.
- If supplied, all connections for this adapter will only fetch devices tagged with any of the comma-separated list of Cybereason tags you have specified.
- If not supplied, all connections for this adapter will fetch any device.
Avoid hostname duplications - When selected, if two or more devices have the same hostname, only the device with the latest last_seen value is fetched.
Ignore stale agents - Select to ignore agents with a 'Stale' status.
Use CSV API (default: false) - By default the system uses the Sensor Query API. Select this option to use the CSV API to fetch devices.Note:
Only change the default setting after guidance from Axonius Support.
For details on general advanced settings under the Adapter Configuration tab, see Adapter Advanced Settings.