Blue Coat Content Analysis Integration

Wider attack surface coverage powered by hundreds of integrations and deeper threat visibility powered by thousands of detections.

Blue Coat Content Analysis

Version: Blue Coat Content Analysis 1.3 or above

Blue Coat Content Analysis is a next-generation anti-virus, malware, and spyware detection system. Content Analysis includes the features like Malware and Antivirus scanning, Static Analysis services from Cylance, File Reputation Service, Manual File Blacklist and Whitelist, Sandbox integration with Blue Coat's Malware Analysis.

Netsurion is an enterprise-class platform that seamlessly combines SIEM, Log Management, File Integrity Monitoring, machine analytics and so forth.

Netsurion Data Source Integrations for Blue Coat Content Analysis allows you to monitor the following components: -

Security - Threat detection
Operation - File scan results

Once Blue Coat Content Analysis is configured to deliver events to Netsurion Manager; Alerts, Knowledge objects and reports can be configured into Netsurion.

Some of the Data Source Integrations available in Netsurion are listed below. For more information, please refer Integration Guide.

Alerts

Type	Name	Description
Security	Blue Coat Content Analysis - Threat detected	This alert generates when threats are detected while scanning.
Operations	Blue Coat Content Analysis - File blocked	This alert generates when the files are blocked by antivirus.

Reports

Type	Name	Description
Security	Blue Coat Content Analysis - Threat detected	This report gives the information about threats detected while scanning.
Operations	Blue Coat Content Analysis - File activity	This report gives the information about file scan result, reputation and the action taken.

Documentation

The configuration details are consistent with Netsurion version 9.x and later, and Blue Coat Content Analysis 1.3 or above.

Download Integration Guide for more information.