Cylance
Overview
Cylance is an AI-driven endpoint detection and response (EDR) platform that allows companies to intelligently strengthen, automate, and streamline their overall endpoint security efforts. By leveraging predictive AI technology, Cylance prevents threats in realtime rather than reacting after an attack occurs. It continuously monitors endpoints for malicious activity, providing protection against malware, fileless attacks, and other advanced threats.
Available Integrations
| Product(s) | Supported Asset Type(s) | Integration Type |
|---|---|---|
| Cylance | Devices | Source |
Why You Should Integrate
Integrating with Cylance will provide insight and additional context into your devices being managed by Cylance.
How Does the Integration Work
This integration works by pulling data about devices from your instance of Cylance using its REST API.
This data is only used internally; we do not share it with any parties outside of Sevco. Refer to our privacy policy for details.
Please review the configuration instructions in the section below before setting up permissions for apps.
Configuration
- Configure the Access Schema
| Field | Description | Example |
|---|---|---|
Tenant ID* | The Tenant ID from your Cylance console Integrations page for your Sevco Application | 1fc4de3f-2ab5-474e-8eb3-8f8c0a91d7e4 |
App ID* | The CylancePROTECT Application ID associated with your Sevco Application in your Cylance console | a7b9c2d8-4e6f-41a3-9c5b-8d2e0f1a3b7c |
App Secret* | The Application Secret for the CylancePROTECT API Key associated with your Sevco Application | *********************** |
-
Add an Integration: Select the integration(s) you'd like to add.
- Collect devices
Configuration Options
| Field | Description | Example |
|---|---|---|
Region* | The Region Code for the Cylance Service Endpoint. This is used to determine which Service Endpoint to connect to. | NA |
- Configure General Information: OPTIONAL: You can use the following fields to provide additional information about your configuration.
| Field | Description | Example |
|---|---|---|
Name (optional) | Uniquely identifiable attribute of the configuration to delineate other similar configurations with the existing organization. | DMZ network |
Contact Person (optional) | A placeholder to input a name or email address of a contact associated with the integration. | Jane Doe |
Link to Console (optional) | A placeholder to input a link to the console of the product Sevco is integrating with for quick reference and access when configuring or editing the integration. | www.product.com/devices |
Email me about frequent errors | Select this toggle to receive an email whenever an Integration has a ≥30% error rate in a 24-hour period. | n/a |
- Activate Config: Select "Activate" to enable this configuration and begin pulling data.
External Documentation
Creating credentials
You will be asked to provide credentials that Sevco will use for the integrations. Please review the instructions below for generating a Tenant ID, App ID, and App Secret.
To begin you will need to add Sevco as an Application using the steps below:
- From the Integrations page, select Add Application
- Provide a name for the integration (i.e. Sevco)
- Select
READaccess privileges for all console data types; Sevco does not needWRITEorMODIFYaccess privileges - Click Save
Once the application has been saved, you will be provided with a Application ID and Application Secret to copy. You can access your application's Tenant ID from the Integrations page.
Required Permissions
Applications can only be created by an Administrator and should have the following permissions:
READaccess privileges for all console data types
Contact Us
If you're having problems configuring an Integration, or if you've found something wrong in this document, please email us at [email protected].
Updated 9 days ago