Where Can I Use This? | What Do I Need? |
|
One of the following Cortex XSOAR setups:
An IoT Security Third-party Integration Add-on
license that includes a cohosted, limited-featured
Cortex XSOAR instance
AND
A Cortex XSOAR Engine (on-premises integration)
A full-featured Cortex XSOAR server
|
From the IoT Security portal, send a device vulnerability to SIEM from the Vulnerability
Details page. You can also do this in the Actions menu in the Vulnerabilities
section on the Device Details page.
By integrating IoT Security through Cortex XSOAR with a third-party SIEM server,
XSOAR automatically exports data about devices, security alerts, and device
vulnerability in periodic incremental updates from IoT Security to SIEM. Therefore,
it might be unnecessary to send a vulnerability to SIEM manually. However, if you
haven’t performed a bulk export to SIEM and you want to send a device vulnerability
that wasn’t exported through the automatic incremental update process, then you can
use this option to send it manually.