- This topic is empty.
Viewing 1 post (of 1 total)
- Posts
Cylance Console
- Log in to the Cylance Console as an administrator. Only administrators can create an application integration.
- Select Settings > Integrations.
- Click Add Application.
- Type an Application Name. This must be unique within your organization.
- Select the access privileges for a Console data type. Not selecting any checkboxes for a data type means the application does not have access to that data type.
- Select “READ” access
- Click Save
- Make note of the Application ID and Application Secret
Precinct Configuration
- Go to Admin > SOAR > Cylance Protect > Config
- Click the checkbox for Enable the Cylance Protect Integration
- Paste the Application ID, Application Secret, and Tenant ID
- Click the disk icon (Save)
- Click Jobs and go to Artifacts from Cylance.
- Select Triggers, expanding Manual Trigger and Interval Trigger.
- Toggle both to State: ENABLED
- The Interval Trigger is set to 2 hours by default, but you can update it to what best suits your organization. (Recommended: 10 minutes)
- Click the disk icon (Save)
- It can take up to 24 hours for “Cylance” to be listed as an Artifact Source under Report > Tool Effectiveness > Artifact Source Types
Viewing 1 post (of 1 total)
- You must be logged in to reply to this topic.