InQuest Integration

Wider attack surface coverage powered by hundreds of integrations and deeper threat visibility powered by thousands of detections.

InQuest

Version: InQuest Manager version 3.87.x or later

InQuest focuses its analysis on identifying, processing, and inspecting files downloaded over the web or received via email to detect malicious code in transit. In addition to threat detection, InQuest encounters sensitive data in motion like confidential documents and personally identifiable information.

Netsurion's Open XDR platform facilitates monitoring events retrieved from the InQuest. It's dashboard, category, alerts, and reports will benefit you in tracking possible attacks, suspicious activities, or any other threat noticed.

First, configure the InQuest to deliver events to the Netsurion Manager, and then configure the dashboards and reports in Netsurion.

Alerts

Type	Name	Description
Security	InQuest - Suspicious file detected	This alert gets triggered when the InQuest Malware detection engine detects a suspicious file with a high-risk score and a reasonably high Shannon entropy.

Reports

Type	Name	Description
Security	InQuest - Potential SMTP threats	This report provides the details of emails or SMTP transfers that are potentially risky and may have malicious file attachments.
Security	InQuest - Malware and suspicious files	This report provides the details related to potential malware on systems based on the InQuest malware detection engine.
Security	InQuest - C2 engine detections	This report provides details of suspicious detections by the InQuest C2 engine.

Documentation

The configuration details are consistent with Netsurion version 9.3 or later, and InQuest Manager version 3.87.x or later.

Download Integration Guide and How-to Guide for more information and to configuration instructions.