Applies to: Cybereason 17.3 and later.
The Cybereason solution combines endpoint prevention, detection, and response in an all-in-one lightweight agent.
EventTracker supports Cybereason: it monitors Cybereason and generates alerts and reports for critical events such as MALOP creation, malware or threat detection, user activities, etc. The saved searches and dashboards help to monitor critical and top activities in Cybereason.
Once events are received in EventTracker, Reports, Knowledge Objects, Categories and Dashboards can be configured in EventTracker.
EventTracker monitors all of the Cybereason events listed below.
Reports
Alerts
The configuration details are consistent with EventTracker version 9.x and later; Cybereason 17.3 or later should be installed.
For more information, please refer to the Cybereason Integration guide.