CylancePROTECT is an AI-based, Endpoint Protection Platform (EPP) that blocks cyberattacks and provides automated controls for safeguarding against threats like script-based, fileless, memory, and external device-based attacks.
Configuring the Connector for CylancePROTECT
To configure Lucidum to ingest data from CylancePROTECT:
Log in to Lucidum.
In the left pane, click Connector.
In the Connector page, click Add Connector.
Scroll until you find the Connector you want to configure. Click Connect. The Settings page appears.
In the Settings page, enter the following:
URL (required): The URL of the Cylance API, for example, https://protectapi.cylance.com
Client ID and Secret (required): Cylance API application ID and secret
Tenant ID (required): Cylance tenant ID
Verify SSL. For future use.
To test the configuration, click Test.
If the connector is not configured correctly, Lucidum displays an error message.