Blue Coat Content Analysis
Version: Blue Coat Content Analysis 1.3 or above
Blue Coat Content Analysis is a next-generation anti-virus, malware, and spyware detection system. Content Analysis includes features such as malware and antivirus scanning, static analysis services from Cylance, the File Reputation Service, a manual file blacklist and whitelist, and sandbox integration with Blue Coat’s Malware Analysis.
Netsurion Open XDR is an enterprise-class platform that seamlessly combines SIEM, Log Management, File Integrity Monitoring, machine analytics and so forth.
Netsurion Data Source Integrations for Blue Coat Content Analysis allow you to monitor the following components:
- Security – Threat detection
- Operation – File scan results
Once Blue Coat Content Analysis is configured to deliver events to Netsurion Open XDR Manager, alerts, knowledge objects, and reports can be configured in Netsurion Open XDR.
The following are the key Data Source Integrations available in Netsurion Open XDR.
Alerts
Type | Name | Description |
---|---|---|
Security | Blue Coat Content Analysis – Threat detected | This alert is generated when threats are detected during scanning. |
Operations | Blue Coat Content Analysis – File blocked | This alert is generated when files are blocked by antivirus. |
Reports
Type | Name | Description |
---|---|---|
Security | Blue Coat Content Analysis – Threat detected | This report provides information about threats detected during scanning. |
Operations | Blue Coat Content Analysis – File activity | This report provides information about the file scan result, reputation, and the action taken. |
Documentation
The configuration details are consistent with Netsurion Open XDR 9.x and later, and Blue Coat Content Analysis.
Download the Integration Guide for configuration instructions and more information.