Skip to content


The Cybereason Defense Platform provides endpoint detection, next-gen anti-virus, and proactive threat hunting to reduce vulnerability risks.

Cyderes supports the ingestion of malop and malware data from the Cybereason API. A malop is a malicious operation that is detected by the Cybereason Platform which ties together the details of a cyberattack and provides a log containing all the aggregated information. Cybereason also provides malware logs, which are logs that contain information about malware detected on an endpoint.

Chronicle Data Types



  1. In the Cybereason instance, log in as an administrative user
  2. Navigate to the Admin -> Users section of the site using the menu on the left
  3. Click the Create users button
  4. In the form at the bottom of the page, enter a user email (this does not need to be valid) and a secure password
  5. Check the API User toggle cybereason-create-user
  6. Click Add user

Gather Information

To collect data from a Cybereason instance, Cyderes needs the following information:

  • Company-specific Cybereason tenant URL
  • Cybereason API user email
  • Cybereason API user password