Cybereason

The Cybereason Defense Platform provides endpoint detection, next-gen anti-virus, and proactive threat hunting to reduce vulnerability risks.

Cyderes supports ingesting malop and malware data from the Cybereason API. A malop (malicious operation) is a detection made by the Cybereason platform that ties together the details of a cyberattack and provides a log containing all of the aggregated information. Cybereason also provides malware logs, which contain information about malware detected on an endpoint.

Chronicle Data Types

  • CYBEREASON_EDR

Configuration

  1. In the Cybereason instance, log in as an administrative user
  2. Navigate to the Admin -> Users section of the site using the menu on the left
  3. Click the Create users button
  4. In the form at the bottom of the page, enter a user email (this does not need to be valid) and a secure password
  5. Check the API User toggle
  6. Click Add user

Gather Information

To collect data from a Cybereason instance, Cyderes needs the following information:

  • Company-specific Cybereason tenant URL
  • Cybereason API user email
  • Cybereason API user password