R-Vision Security Orchestration, Automation and Response (hereinafter referred to as R-Vision SOAR) is a software platform used for automation of monitoring, processing, and responding to information security incidents. It aggregates cyberthreat data from various sources into a single database for further analysis and investigation to facilitate incident response capabilities.
R-Vision SOAR can be integrated with KUMA. When this integration is enabled, the creation of a KUMA alert triggers the creation of an incident in R-Vision SOAR. The KUMA alert and the R-Vision SOAR incident are interdependent. When the status of an incident in R-Vision SOAR is updated, the status of the corresponding KUMA alert is also changed.
Integration of R-Vision SOAR and KUMA is configured in both applications. In KUMA, only general administrators can configure the integration.
Mapping KUMA alert fields to R-Vision SOAR incident fields when transferring data via API
KUMA alert field |
R-Vision SOAR incident field |
|
|
|
|
|
|
(as a JSON file) |
|