Skip to content

Abnormal Security

Cyderes supports the ingestion of cases and threat events from Abnormal Security

Chronicle Data Types

  • ABNORMAL_SECURITY

Configuration

Abnormal Security API Tokens can only be used from IP addresses that have been explicitly allow listed for each individual token, so Cyderes will have to provide the list of IP addresses to add to the token allow list.

The instructions for generating an API Token and adding to the IP allow list through the Abnormal Portal can be found in the Abnormal Security Documentation

Gather Information

Please provide Cyderes with the following:

  • API Token
  • Confirmation that the Cyderes network has been added to the token allow list