Popular Articles
XDRaaS - Quick Start Guide (QSG)
The following items will help guide you through what CyFlare’s deployment team will be working on with you to get you ingesting data and monitored by the SOC as quickly as possible. The main items that ...
Use Case #1: Firewall Policy Update
Firewall response actions are the best way to deal with noisy public IPs attempting to ping/connect to external public-facing servers in the customer’s environment. This can also help respond to potential malicious IPs very quickly through automated ...
Use Case #2: Network Isolation
The SOC can take network-based response actions by utilizing API response actions on network appliances. These include firewalls, routers, management devices, etc. Typical actions: isolate/quarantine endpoint(s) from network; terminate network sessions ...
Use Case #3: Disable User Account
Active Directory response actions are intended to be utilized when a high-probability user compromise incident has been identified by the SOC. The account or device associated with the incident needs to be disabled immediately to avoid further spread ...
Use Case #4: Email Integration
Exchange/Email servers are a vital part of implementing automated response actions as one of the most common entry points for malicious/unknown entities into customers’ environments. The SOC is enabled with these response actions to prevent and ...