This resource offers comprehensive instructions and best practices for integrating and managing our Managed Extended Detection and Response (MXDR), MDR, In-house SOC, and SIEM solutions.
Leveraging our expertise, we’ve developed top-tier resources adhering to the highest standards, including:
- In-depth guides for seamless integration.
- Clear processes to enhance your security operations.
- Custom SOPs for optimal performance of your threat detection solutions.
These guidelines are invaluable for organizations using MDR, In-house SOC, or SIEM solutions.
Sl. No | Vendor | Category | Sub-Category | Integration Method | SOP Hyperlink |
---|---|---|---|---|---|
1 | Thycotic | Access Mgmt | Privileged Access Management (PAM) | Push method (via syslog service) | Login To View |
2 | BeyondTrust | Access Mgmt | Privileged Access Management (PAM) | Push method (via syslog service) | Login To View |
3 | Cyberark | Access Mgmt | Privileged Access Management (PAM) | Push method (via syslog service) | Login To View |
4 | McAfee | Endpoint | Antivirus | Push method (via syslog service) | Login To View |
5 | TrendMicro | Endpoint | Endpoint Detection and Response (EDR) | Push method (via syslog service) | Login To View |
6 | Seqrite | Endpoint | Antivirus | Push method (via syslog service) | Login To View |
7 | TrendMicro | Endpoint | Antivirus | Push method (via syslog service) | Login To View |
8 | TrendMicro | Endpoint | Antivirus | Push method (via syslog service) | Login To View |
9 | TrendMicro | Network Mgmt | Email Solution | Push method (via syslog service) | Login To View |
10 | PaloAlto | Endpoint | XDR | Push method (via syslog service) | Login To View |
11 | Symantec | Endpoint | Antivirus | Push method (via syslog service) | Login To View |
12 | Symantec | Endpoint | Endpoint Detection and Response (EDR) | Push method (via syslog service) | Login To View |
13 | TrendMicro | Network Mgmt | Antispam | Push method (via syslog service) | Login To View |
14 | Sophos | Endpoint | Endpoint Detection and Response (EDR) | Pull method (via API) | Login To View |
15 | Kaspersky | Endpoint | Antivirus | Push method (via syslog service) | Login To View |
16 | Symantec | Endpoint | Data Loss Prevention (DLP) | Push method (via syslog service) | Login To View |
17 | Sophos | Endpoint | Endpoint Detection and Response (EDR) | Pull method (via API) | Login To View |
18 | Zeek | Network Mgmt | Network Monitoring | Push method (via filebeat agent) | Login To View |
19 | Sentinel One | Endpoint | Endpoint Detection and Response (EDR) | Push method (via syslog service) | Login To View |
20 | F5 | Network Mgmt | Web Application Firewall (WAF) | Push method (via syslog service) | Login To View |
21 | Barracuda | Network Mgmt | Web Application Firewall (WAF) | Push method (via syslog service) | Login To View |
22 | Imperva | Network Mgmt | Web Application Firewall (WAF) | Push method (via syslog service) | Login To View |
23 | Fortiweb | Network Mgmt | Web Application Firewall (WAF) | Push method (via syslog service) | Login To View |
24 | Amazon | Cloud services | WAF | Pull method (via s3 bucket) | Login To View |
25 | Amazon | Cloud services | Postgres | Pull method (via s3 bucket) | Login To View |
26 | Amazon | Cloud services | ALB | Pull method (via s3 bucket) | Login To View |
27 | Amazon | Cloud services | Kubernetes | Pull method (via s3 bucket) | Login To View |
28 | Amazon | Cloud services | ELB | Pull method (via s3 bucket) | Login To View |
29 | Amazon | Cloud services | RDS | Pull method (via s3 bucket) | Login To View |
30 | Amazon | Cloud services | S3 | Pull method (via s3 bucket) | Login To View |
31 | Amazon | Cloud services | S3 | Pull method (via s3 bucket) | Login To View |
32 | Amazon | Cloud services | Clam AV | Pull method (via s3 bucket) | Login To View |
33 | Amazon | Cloud services | Config | Pull method (via s3 bucket) | Login To View |
34 | Cloudflare | DDOS | Cloudflare | Pull method (via s3 bucket) | Login To View |
35 | Amazon | Cloud services | VPC | Pull method (via s3 bucket) | Login To View |
37 | Amazon | Cloud services | Aurora | Pull method (via s3 bucket) | Login To View |
38 | Amazon | Cloud services | Route 53 | Pull method (via s3 bucket) | Login To View |
39 | Azure | Cloud services | WAF | Pull method (via Eventhub) | Login To View |
40 | Azure | Cloud services | SQL | Pull method (via Eventhub) | Login To View |
41 | Azure | Cloud services | Azure Active Directory | Pull method (via Eventhub) | Login To View |
42 | Azure | Cloud services | PostgreSQL | Pull method (via Eventhub) | Login To View |
43 | Azure | Cloud services | Application Gateway | Pull method (via Eventhub) | Login To View |
44 | Azure | Email Security | O365 | Pull method (via Eventhub) | Login To View |
45 | Microsoft | EDR | Defender | Pull method (via Eventhub) | Login To View |
46 | Microsoft | Cloud services | Defender for Cloud | Pull method (via Eventhub) | Login To View |
47 | Azure | Cloud services | Sentinel | Pull method (via Eventhub) | Login To View |
48 | GCP | Cloud services | Cisco Umbrella | Pull method (via pubsub) | Login To View |
49 | GCP | Cloud services | Activity | Pull method (via pubsub) | Login To View |
50 | Email Security | Messaging | Google Workspace | Pull method (via pubsub) | Login To View |
51 | GCP | Cloud services | Audit | Pull method (via pubsub) | Login To View |
52 | GCP | Cloud services | IAM | Pull method (via pubsub) | Login To View |
53 | GCP | Cloud services | Kubernetes | Pull method (via pubsub) | Login To View |
54 | GCP | Cloud services | SQL | Pull method (via pubsub) | Login To View |
55 | Microsoft | Container Security | Defender | Pull method (via pubsub) | Login To View |
56 | Oracle | Middleware | Database | Pull method (via JDBC plugin) | Login To View |
57 | MongoDB | Middleware | Database | Push method (via syslog service) | Login To View |
58 | MySQL | Middleware | Database | Push method (via filebeat agent) | Login To View |
59 | MSSQL | Middleware | Database | Pull method (via JDBC plugin) | Login To View |
60 | MariaDB | Middleware | Database | Push method (via syslog service) | Login To View |
61 | PostgreSQL | Middleware | Database | Push method (via filebeat agent) | Login To View |
62 | MariaDB | Middleware | Database | Push method (via filebeat agent) | Login To View |
63 | DataSunrise | Middleware | Database | Push method (via syslog service) | Login To View |
64 | Vmware | Hypervisor | VmWare | Push method (via syslog service) | Login To View |
65 | Vmware | Hypervisor | ESXi | Push method (via syslog service) | Login To View |
66 | Squid | Application Security | Web Server | Push method (via filebeat agent) | Login To View |
67 | Apache | Application Security | Web Server | Push method (via filebeat agent) | Login To View |
68 | Azure | Application Security | IIS | Push method (via filebeat agent) | Login To View |
69 | Github | Middleware | Web Repository | Push method (via filebeat agent) | Login To View |
70 | Fortigate | Network Mgmt | Firewall | Push method (via syslog service) | Login To View |
71 | Fortinet | Network Mgmt | Firewall | Push method (via syslog service) | Login To View |
72 | Sonicwall | Network Mgmt | Firewall | Push method (via syslog service) | Login To View |
73 | Sophos | Network Mgmt | Firewall | Push method (via syslog service) | Login To View |
74 | Cisco | Network Mgmt | Firewall | Push method (via syslog service) | Login To View |
75 | Cisco | Network Mgmt | Firewall | Push method (via syslog service) | Login To View |
76 | Symantec | Network Mgmt | Firewall | Push method (via syslog service) | Login To View |
77 | Juniper | Network Mgmt | Firewall | Push method (via syslog service) | Login To View |
78 | Checkpoint | Network Mgmt | Firewall | Push method (via syslog service) | Login To View |
79 | Palo-Alto | Network Mgmt | Firewall | Push method (via syslog service) | Login To View |
80 | TrendMicro | Network Mgmt | Firewall | Push method (via syslog service) | Login To View |
81 | F5 | Network Mgmt | Firewall | Push method (via syslog service) | Login To View |
82 | Fortinac | Network Mgmt | Firewall | Push method (via syslog service) | Login To View |
83 | Kaspersky | Network Mgmt | Firewall | Push method (via syslog service) | Login To View |
84 | Cisco | Network Mgmt | Firewall | Push method (via syslog service) | Login To View |
85 | Hillstone | Network Mgmt | Firewall | Push method (via syslog service) | Login To View |
86 | ESET | Network Mgmt | Firewall | Push method (via syslog service) | Login To View |
87 | Fire-Eye | Network Mgmt | Firewall | Push method (via syslog service) | Login To View |
88 | Fortigate | Network Mgmt | Firewall | Push method (via syslog service) | Login To View |
89 | Fortinet | Network Mgmt | Switch | Push method (via syslog service) | Login To View |
90 | Sophos | Network Mgmt | Intrusion Prevention System (IPS) | Push method (via syslog service) | Login To View |
91 | Fortinet | Network Mgmt | Intrusion Prevention System (IPS) | Push method (via syslog service) | Login To View |
92 | Checkpoint | Network Mgmt | Intrusion Prevention System (IPS) | Push method (via syslog service) | Login To View |
93 | Suricata | Network Mgmt | Intrusion Prevention System (IPS) | Push method (via syslog service) | Login To View |
94 | Citrix | Network Mgmt | Load Balancer | Push method (via syslog service) | Login To View |
95 | A10 | Network Mgmt | Load Balancer | Push method (via syslog service) | Login To View |
96 | Vmware | Network Mgmt | Appliance | Push method (via syslog service) | Login To View |
97 | DELL | Network Mgmt | Appliance | Push method (via syslog service) | Login To View |
98 | DELL | Network Mgmt | Appliance | Push method (via syslog service) | Login To View |
99 | Juniper | Network Mgmt | Switch | Push method (via syslog service) | Login To View |
100 | Cisco | Network Mgmt | Switch | Push method (via syslog service) | Login To View |
101 | Cisco | Network Mgmt | Router | Push method (via syslog service) | Login To View |
102 | Aruba | Network Mgmt | Switch | Push method (via syslog service) | Login To View |
103 | Dell | Network Mgmt | Switch | Push method (via syslog service) | Login To View |
104 | Netgear | Network Mgmt | Switch | Push method (via syslog service) | Login To View |
105 | Cisco | Network Mgmt | Appliance | Push method (via syslog service) | Login To View |
106 | Cisco | Network Mgmt | Switch | Push method (via syslog service) | Login To View |
107 | Huawei | Network Mgmt | Switch | Push method (via syslog service) | Login To View |
108 | Huawei | Network Mgmt | Appliance | Push method (via syslog service) | Login To View |
109 | Huawei | Network Mgmt | Router | Push method (via syslog service) | Login To View |
110 | Kemp | Network Mgmt | Appliance | Push method (via syslog service) | Login To View |
111 | Huawei | Network Mgmt | Appliance | Push method (via syslog service) | Login To View |
112 | HAProxy | Network Mgmt | Appliance | Push method (via syslog service) | Login To View |
113 | TrendMicro Tipping Point | Network Mgmt | Intrusion Prevention System (IPS) | Push method (via syslog service) | Login To View |
114 | Microsoft | Operating System | Windows | Push method (via filebeat agent) | Login To View |
115 | Ubuntu | Operating System | Linux | Push method (via filebeat agent) | Login To View |
116 | Microsoft | Operating System | Active Directory | Push method (via winlogbeat agent) | Login To View |
117 | Microsoft | Operating System | DNS | Push method (via winlogbeat agent) | Login To View |
118 | Ubuntu | Operating System | Linux | Push method (via syslog service) | Login To View |
119 | Ubuntu | Operating System | Linux | Push method (via Auditbeat service) | Login To View |
120 | IBM | Operating System | AIX | Push method (via syslog service) | Login To View |
121 | FutureX | Security Appliance | Hardware Security Module (HSM) | Push method (via syslog service) | Login To View |
122 | DELL | Security Appliance | Hardware Security Module (HSM) | Push method (via syslog service) | Login To View |
123 | Nginx | Application Security | Web Server | Push method (via filebeat agent) | Login To View |
SISA is a global forensics-driven cybersecurity solutions company, trusted by leading organizations for securing their businesses with robust preventive, detective, and corrective cybersecurity solutions. Our problem-first, human-centric approach helps businesses strengthen their cybersecurity posture.
Industry recognition by CREST, CERT-In and PCI SSC serves as a testament to our skill, knowledge, and competence.
We apply the power of forensic intelligence and advanced technology to offer true security to 2,000+ customers in 40+ countries.