Views:

Configure the integration to allow Cymulate to pull events from TrendAI Vision One™, as well as to analyze logs and alerts and validate simulated attacks.

Procedure

  1. In the TrendAI Vision One™ console, obtain the endpoint URL and authentication token.
    1. Go to Workflow and AutomationThird-Party Integrations.
    2. Locate and click the Cymulate card.
    3. Click dddna_summary_detection_copy=GUID-4DE35BE5-57A5-4919-BF9C-5EC95F9CA8FD=1=en-us=Low.png to copy and save the Endpoint URL.
    4. Copy and save the Authentication token.
      • If no authentication token exists, click Generate and copy the new token. You can specify the expiration time in AdministrationAPI Keys.
      • If the existing authentication token is expired, click Revoke, then generate and copy a new token.
  2. In the Cymulate console, configure the TrendAI Vision One™ integration.
    1. Go to Configuration and find the TrendAI Vision One™ integration.
    2. Click Edit.
    3. Configure the following settings.
      Setting
      Description
      URL
      Paste the endpoint URL obtained from the TrendAI Vision One™ console.
      Token
      Paste the authentication token obtained from the TrendAI Vision One™ console.
      Timezone
      Select your time zone.
      EDR delay
      Set the duration (in minutes) for Cymulate to wait for logs and alert data to appear before querying the TrendAI Vision One™ console.
      For more information, see the integration demo video.
    4. Click Save.
      Cymulate begins collecting data from TrendAI Vision One™. Cymulate can only collect data generated after connecting to TrendAI Vision One™. You might need to allow some time before new data starts to appear.