How to integrate Kaspersky Threat Data Feeds with FortiSIEM


Kaspersky Threat Data Feeds


How to integrate Kaspersky Threat Data Feeds with FortiSIEM

Back to article list
Latest update: April 20, 2020 ID: 15146

Kaspersky CyberTrace for FortiSIEM (SIEM connector) allows you to check URLs, file hashes, and IP addresses contained in events that arrive in FortiSIEM. The URLs, file hashes, and IP addresses are checked against threat data feeds from Kaspersky Lab, or from other vendors or sources loaded to CyberTrace. During the matching process, Kaspersky CyberTrace determines the indicator category and generates an event supplemented with actionable context.

To integrate Kaspersky Threat Data Feeds using Kaspersky CyberTrace with FortiSIEM:

  1. Download and install Kaspersky CyberTrace for LogScanner. For details, see this article.
  2. Configure Kaspersky CyberTrace for integration with FortiSIEM. 
  3. Configure forwarding events from FortiSIEM to Kaspersky CyberTrace. 
  4. Configure sending events from Kaspersky CyberTrace and receiving them in FortiSIEM.

After this, you can browse CyberTrace events, that contains actionable information from Kaspersky Threat Data Feeds as well as from other vendors or sources, in FortiSIEM to identify existing breaches or newly launched attacks, and inform your business or clients about the risks and implications associated with the threat.

To download the guide which contains detailed instructions for integrating Kaspersky Threat Data Feeds with FortiSIEM, click the link that corresponds to your version:

Was this information helpful?
Yes No
Thank you


How can we improve this article?

Your feedback will be used for content improvement purposes only. If you need assistance, please contact technical support.

Submit Submit

Thank you for your feedback!

Your suggestions will help improve this article.