Cybereason EDR consolidates all intelligence about an attack into a single visual representation called a MalOp (malicious operation) that provides a complete timeline of the attack, the flow of malware across processes and users, and all incoming and outgoing communications for affected machines. Remediation actions can be automated or executed remotely.
Configuring the Connector for Cybereason EDR
To configure Lucidum to ingest data from Cybereason EDR:
Log in to Lucidum.
In the left pane, click Connector.
In the Connector page, click Add Connector.
Scroll until you find the Connector you want to configure. Click Connect. The Settings page appears.
In the Settings page, enter the following:
URL (required): The URL of the Cybereason API
Username and Password (required): Cybereason username and password
Verify SSL. For future use.
To test the configuration, click Test.
If the connector is configured correctly, Lucidum displays a list of services that are accessible with the connector.
If the connector is not configured correctly, Lucidum displays an error message.