Search Results
106 total results found
CyTech - AQUILA EDR Full Installation
Endpoint Detection and Response (EDR) - Manual Installation Endpoint Detection and Response (EDR) Endpoint Detection and Response (EDR) is a cybersecurity technology that focuses on detecting, investigating, and responding to suspicious activities and thr...
CyTech - AQUILA EDR Automatic
Endpoint Detection and Response (EDR) - Automatic Installation Endpoint Detection and Response (EDR) is a cybersecurity technology that focuses on detecting, investigating, and responding to suspicious activities and threats on endpoints, such as workstation...
AQUILA EDR Connection Issues - Windows
When Elastic Agent installs Endpoint, they connect locally to share status and updates. If this connection fails, Elastic Agent shows as Unhealthy, and Endpoint won’t work properly. How to Check if There's a Problem: Check Agent Status. Open PowerShell as...
AQUILA CSPM - GCP Integration
Authentication To use this CSPM Google Cloud Platform (GCP) integration, you need to set up a Service Account with a Role and a Service Account Key to access data on your GCP project. 1. Service Account First, you need to create a Service Account. A Servi...
AQUILA GCP Integration
This Google Cloud integration collects and analyzes a wide range of logs and metrics to provide comprehensive visibility into your cloud environment. It ingests Firewall Logs, VPC Flow Logs, DNS Logs, and Load Balancing Logs exported from Cloud Logging via a P...
AQUILA - Cloudflare Integration
Introduction Cloudflare logs provide detailed insights into client connections, request paths through the Cloudflare network, and origin server responses. These logs help track activity, identify issues, and support security and performance analysis. Authe...
AQUILA - 1Password Integration
1Password Events Reporting Integration Manual With 1Password Business, you can forward account activity to your SIEM system using the 1Password Events API. This enables centralized monitoring, improved visibility, and enhanced response to security-related eve...
AQUILA - SonicWall Firewall Integration
This integration collects syslog messages from SonicWall firewalls. It has been tested with Enhanced Syslog logs from SonicOS versions 6.5 and 7.0, following the SonicWall Log Events reference guide. Configuration To set up the integration, configure a Sys...
AQUILA - Cisco Meraki Integration
Cisco Meraki provides a centralized cloud management platform for devices like MX Security Appliances, MR Access Points, and more. Its cloud-based architecture enables secure, scalable networks manageable from anywhere via the Meraki Dashboard or Mobile App. E...
Enable Syslog on Port 514 and Allow via Firewall (Ubuntu)
Step 1: Install rsyslog 1. Open terminal. 2. Run the following commands: sudo apt update sudo apt install rsyslog -y sudo systemctl enable rsyslog sudo systemctl start rsyslog Step 2: Enable Syslog Reception on Port 514 1. Open the rsyslog configuration file:...
AQUILA - Google Workspace Integration
Google Workspace Integration Overview The Google Workspace integration collects and parses data from various Google Workspace audit reports APIs using a service account authorized via the Admin SDK API. Requirements To ingest data from the Google Rep...
Microsoft 365 DLP Integration and Monitoring
Summary of Actions Required: Register an app in Microsoft Entra ID and configure API permissions for Microsoft Graph and Office 365 Management APIs. Grant admin consent and collect credentials (Application ID, Tenant ID, Client Secret). Ensure Unified Audit L...
AQUILA - Endpoint Detection and Response (EDR) Manual Installation
Endpoint Detection and Response (EDR) is a cybersecurity technology that focuses on detecting, investigating, and responding to suspicious activities and threats on endpoints, such as workstations, laptops, and servers. EDR solutions provide visibility into e...
Microsoft Audit Logs vs Compliance Alerts for SOC Monitoring
1. Overview This report outlines the key differences, advantages, disadvantages, and recommendations for using Microsoft Audit Logs and Microsoft Compliance Alerts in the context of Security Operations Center (SOC) monitoring. 2. Definition and Purpose...
AQUILA - SNIFF & Detect
Outlook Add-in for Microsoft 365 Overview AQUILA – SNIFF & Detect is a custom integration app within the AQUILA platform that enables Microsoft 365 environments to deploy advanced malicious email detection capabilities. The app is packaged as a manifest.xml...
JWT For Kali
To create a JSON Web Token (JWT) for Salesforce on Kali Linux, you can follow the steps below. Kali Linux is a Debian-based Linux distribution, so the process is similar to other Linux environments. You will use tools like OpenSSL for key generation and a prog...
How to Use Sniff and Detect
Access the App Open Outlook and check the apps panel to ensure Sniff & Detect is listed and accessible. Users can launch it from More apps in Microsoft 365. A phishing email impersonating Netflix. An arrow points to the SNIFF & Detect ...
AQUILA - GitLab Integration
Purpose This document explains, in a clear and practical way, how to locate GitLab log files on the host (or in Kubernetes), confirm access, and connect those logs to AQUILA. It covers common GitLab installation types (Omnibus/Linux package, self‑compiled, an...
AQUILA - Atlassian Account Integration
What are API token scopes? Scopes define what actions an API token is allowed to perform in Atlassian apps such as Jira and Confluence. They provide security by limiting the permissions of the token. You can create tokens with scopes (recommended) or without ...
AQUILA - PostgreSQL Integration
Please find below the instructions required to set up this integration: To configure PostgreSQL with the specified logging settings, you need to modify the postgresql.conf file, which is typically located in the PostgreSQL data directory. Here are the steps t...