CyberArk EPM

CyberArk Endpoint Privilege Manager (EPM) is a security solution that helps organizations protect their endpoints from cyber threats and reduce the risk of data theft or encryption. EPM helps block and contain attacks on endpoint computers.

Integration Method: API
Tables: Process Activity

Integration

To connect Data Bee and Cyberark EPM for the purpose of getting data related to sets & raw events. This integration has been tested against the CyberArk EPM API version 24.9.0

Cyberark EPM Configuration

1. Log in to CyberArk EPM console

2. Click on Administration.

3. Click on Create User button

4. Fill out the required details on the form and ensure that "Account Administrator" and "Allow to manage sets" are checked. Click the Next button. The email can be used as the username and the password will be utilized for the API call.

5. Select full control set admin as roles. Click on the finish button.

DataBee Configuration

1. Log in to the DataBee console

2. In Databee UI navigate to the Data tab and click on Add New Data Source.

3. Search for Cyberark EPM and click on Cyberark EPM.

4. Click on API Ingest.

5. Enter the contact details in the form and click Next

6. Enter the following information:

   1. Authorization Method: Custom Token

   2. Username & Password: Enter the previously created credentials from CyberArk

7. Click Submit