IoT Security
Set up Cortex XDR for Integration
Table of Contents
Expand All
|
Collapse All
IoT Security Docs
-
-
- Firewall Deployment Options for IoT Security
- Use a Tap Interface for DHCP Visibility
- Use a Virtual Wire Interface for DHCP Visibility
- Use SNMP Network Discovery to Learn about Devices from Switches
- Use Network Discovery Polling to Discover Devices
- Use ERSPAN to Send Mirrored Traffic through GRE Tunnels
- Use DHCP Server Logs to Increase Device Visibility
- Control Allowed Traffic for Onboarding Devices
- Support Isolated Network Segments
-
Set up Cortex XDR for Integration
Set up Cortex XDR for integration with IoT Security through
Cortex XSOAR.
| Where Can I Use This? | What Do I Need? |
|---|---|
|
One of the following Cortex XSOAR setups:
|
Generate an advanced API key, which Cortex XSOAR will use when querying the XDR for device attributes. Copy
and record the key string, its key ID, and XDR URL into a text editor,
so you can enter them in the XSOAR UI when configuring an XDR integration
instance.
- Generate an advanced API key.For more details about creating an API key in Cortex XDR, see Get Started with Cortex XDR APIs.
- Log in to Cortex XDR and select SettingsConfigurationsIntegrationsAPI Keys.
- Select + New Key, enter the following settings, and then Generate:Security Level: AdvancedRoles: ViewerViews: Endpoint Administration
- Copy the API key and note its key ID.
- Copy the API key and then click Done.
- In the API Keys table, note the number in the ID column for the key you just generated.
- Open a text editor, paste the key string you just copied, and type the key ID you just noted.
- Copy the URL of the XDR server.
- Return to SettingsConfigurationsIntegrationsAPI Keys in Cortex XDR, right-click your API key, and then View Examples.
- Copy the CURL Example URL.This contains your unique FQDN: https://api-<fqdn>
- Paste the URL below the API key string and key ID in your text editor.