Enthusiast

AMP Integrations to external sources? 💃

Can AMP share information with other 3rd party Threat Hunting capabilities? I am thinking of a use case where you would be integrating the data into an in-house application that correlates Threat data alongside the outputs from the likes of Talos etc.

3 REPLIES
Beginner

Hi John,

It is actually pretty easy to integrate AMP and its events into a 3rd party tool, for example a SIEM tool, using API calls. Integration using APIs is pretty easy and convenient. Thanks to the SIEM logic we have gotten rid of all known false positives, and only relevant events are then inspected and sent to our ticketing system. In addition, all AMP events coming to the SIEM are also correlated with events from other security tools, which gives us a nice overview of what is going on in the network. This also includes data from the CTR tool (which includes information from TALOS). I hope this helps a bit.


Thank you for the info!  

Engager

That's SecureX, specifically Threat Response

It's got integrations available to several sources of data, plus a generic one that you can make work with any that they don't have.
