Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

ForeScout

Reply
This is an open group. Sign in and click the "Join Group" button to become a group member and start posting.
SECURITY EVENTS TEMPLATE. INTEGRATION WITH FORESCOUT
[ Edited ]
Adviser
Posts: 171
Registered: ‎09-09-2015
Adviser
Posts: 81

Hi there,

The PDF-file attached to the post provides detailed explanation of the security events management template.  Do not copy/past the template from the file, it may not work. Download the template attached to this post. The templates are provided “as-is”, please check them in you Lab environment and modify for your needs before implementing them in production.

 

FS_RemediateOnEvent extensible attribute is required to trigger a policy on ForeScout side. WAPI credentials are required to update extensible attributes and retrieve “_ref” field.

 

Any feedback and/or questions are appreciated and very welcome.

BR,

Vadim Pavlov

Showing results for 
Search instead for 
Did you mean: