CyberArk Endpoint Privilege Manager (EPM)

Cyderes supports the ingestion of events from CyberArk EPM. CyberArk EPM introduces a combined solution for application control, privilege management, and threat detection.

Chronicle Data Types

  • CYBERARK

Caveats / Known Limitations

This integration supports pulling events from the Endpoint Privilege Manager service and does not support other CyberArk services.

Requirements

The user account that is set up for Cyderes in CyberArk should have access to the EPM API.

Gather Information

Provide the following information to Cyderes to complete implementation:

  • EPM Server URL
  • Dispatcher URL for Authentication (e.g., https://login.epm.cyberark.com)
  • Username
  • Password
  • Application ID (If not provided, Cyderes will generate a value)
  • Categories to pull:
    • ThreatDetection
    • ApplicationEvents
    • PolicyAudit