How to integrate Kaspersky Threat Data Feeds with FortiSIEM

 

Latest update: 2019 May 27 ID: 15146
 
 
 
 

Kaspersky CyberTrace for FortiSIEM (SIEM connector) allows you to check URLs, file hashes, and IP addresses contained in events that arrive in FortiSIEM. The URLs, file hashes, and IP addresses are checked against threat data feeds from Kaspersky Lab, or from other vendors or sources loaded to CyberTrace. During the matching process, Kaspersky CyberTrace determines the indicator category and generates an event supplemented with actionable context.

To integrate Kaspersky Threat Data Feeds using Kaspersky CyberTrace with FortiSIEM:

  1. Download and install Kaspersky CyberTrace for LogScanner. For details, see this article.
  2. Configure Kaspersky CyberTrace for integration with FortiSIEM. 
  3. Configure forwarding events from FortiSIEM to Kaspersky CyberTrace. 
  4. Configure sending events from Kaspersky CyberTrace and receiving them in FortiSIEM.

After this, you can browse CyberTrace events in FortiSIEM. These events contain actionable information from Kaspersky Threat Data Feeds as well as from other vendors or sources. Use them to identify existing breaches or newly launched attacks, and to inform your business or clients about the risks and implications associated with the threat.

To download the guide that contains detailed instructions for integrating Kaspersky Threat Data Feeds with FortiSIEM, follow this link.

 
 
 
 