Login
    Contents x
    Cynet
    • 13 Oct 2024
    • 1 Minute to read
    • Contributors
    • Print
    • Dark
      Light
    Contents

    Cynet

    • Updated on 13 Oct 2024
    • 1 Minute to read
    • Contributors
    • Print
    • Dark
      Light
    Article summary

    Cynet is a cybersecurity platform that helps organizations to detect, prevent, and respond to threats. Cynet's platform protects endpoints, users, networks, and SaaS applications. It can automatically investigate threats and remediate attack components.

    Integration Method: API
    Tables: Detection Finding

    Integration

    DataBee needs to connect to an API endpoint which retrieves a list of alerts logs. This integration has been tested against the Cynet Alerts API V.

    Cynet

    • To use the Cynet API, we need to create the user with API role attached to it, to generate the Access-Key and Secret Key. Following are the steps to create the role and user respectively.

    Create API Role

    • Log in to the Cynet application and navigate to Settings.

    • Expand Settings and navigate to User and Roles. 

    • Navigate to Roles, then click on Add Role.

    • Add Role name as API and select the permission API. After that click on Add

    Create User

    • Log in to the Cynet application and navigate to Settings.

    • Expand Settings and navigate to User and Roles. 


    • Inside the Users and Role, click on API Users.

     

    • Click on New.

    • Enter the Display name and assign the User Role as API (Local) created in the previous step and then click on Add.

    • Now Access-Key and Secret-Key have been generated, save these details as the details will not appear again. It will be used to configure the Databee UI.

    • To obtain your client ID:

      • If you are a single tenant: Contact Cynet to receive your client ID.

      • If you are an MSSP: In the Cynet 360 console, navigate to Global Settings > Client Site Manager > Sites Status. Your sites are listed in this page with their client IDs.

    DataBee Configuration

    Use the saved secrets and keys to configure DataBee. Detailed setup documentation can be found at https://docs.databee.buzz/docs/api-ingest

    Perform the following steps in order to configure the Cynet in Databee Platform.

    • In Databee UI navigate to the Data tab and click on Add New Data Source

    • Search for Cynet and click on Cynet

    • Click on API Ingest.

    • Enter the required details in the contact form.

    • Use the generated Access Key and Secret Key in previous steps to configure Databee.

    • In the following dialog box, enter the following:

      • Authentication Method: Token URL Auth

      • API Key: Copy the access key previously generated

      • Secret Key: Copy the secret key previously generated

      • API Key ID: Copy the client id previously generated

      • API URLs: https://<instance>/api/alerts/bulk

      • Token URL: https://<instance>/api/account/token

        • Replace <instance> with organization host.

     

    • Click on Submit

    Was this article helpful?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout
    ESC

    Eddy AI, facilitating knowledge discovery through conversational intelligence