
ProACT MXDR Integration and Standard Operating Procedures

Your Complete Resource for ProACT MXDR Integration and Security Optimization

This resource offers comprehensive instructions and best practices for integrating and managing our Managed Extended Detection and Response (MXDR), MDR, In-house SOC, and SIEM solutions.

Leveraging our expertise, we’ve developed top-tier resources adhering to the highest standards, including:

Detailed Documentation

In-depth guides for seamless integration.

Step-by-Step Instructions

Clear processes to enhance your security operations.

Tailored Procedures

Custom SOPs for optimal performance of your threat detection solutions.

These guidelines are invaluable for organizations using MDR, In-house SOC, or SIEM solutions.

ProACT MXDR Standard Operating Procedures: From Integration to Enhanced Threat Detection

Details Covered in SOP Documents:

  • Integration prerequisites
  • Integration method (Push/Pull)
  • Samples of the expected log types, for better threat analysis
  • Vendor reference links

Benefits of SOP for Cybersecurity Teams:

  • Ensures the right data sources (logs) are collected for threat analysis
  • Reduces the risk of misconfiguration
  • Enhances threat detection
  • Improves compliance and audit readiness

Accelerate Time to Value with Integration and Scalability

Learn about the key SOPs and best practices for successfully deploying MXDR in your organization.
Sl. No | Vendor | Category | Sub-Category | Integration Method | SOP Hyperlink
------ | ------ | -------- | ------------ | ------------------ | -------------
1 | Thycotic | Access Management | Privileged Access Management (PAM) | Push method (Syslog) |
2 | BeyondTrust | Access Management | Privileged Access Management (PAM) | Push method (Syslog) |
3 | CyberArk | Access Management | Privileged Access Management (PAM) | Push method (Syslog) |
4 | Trellix | Antivirus | Antivirus (McAfee ePO) | Push method (Syslog) |
5 | Trend Micro | Antivirus | Apex One | Push method (Syslog) |
6 | Seqrite | Antivirus | Antivirus | Push method (Syslog) |
7 | Trend Micro | XDR | Vision One | Push method (Syslog) |
8 | Trend Micro | EDR | Deep Security | Push method (Syslog) |
9 | Trend Micro | Messaging | Email Solution | Push method (Syslog) |
10 | Palo Alto | XDR | Extended Detection and Response (XDR) | Push method (Syslog) |
11 | Symantec | Antivirus | Endpoint Protection Manager | Push method (Syslog) |
12 | Symantec | EDR | Endpoint Detection and Response (EDR) | Push method (Syslog) |
13 | Trend Micro | Messaging | Antispam | Push method (Syslog) |
14 | Sophos | EDR | Endpoint Detection and Response (EDR) | Pull method (API) |
15 | Kaspersky | Antivirus | Antivirus | Push method (Syslog) |
16 | Symantec | DLP | Data Loss Prevention (DLP) | Push method (Syslog) |
17 | Zeek | Network | Network Detection and Response (NDR) | Push method (Agent) |
18 | SentinelOne | EDR | Endpoint Detection and Response (EDR) | Push method (Syslog) |
19 | F5 | Application Security | Web Application Firewall (WAF) | Push method (Syslog) |
20 | Barracuda | Application Security | Web Application Firewall (WAF) | Push method (Syslog) |
21 | Imperva | Application Security | Web Application Firewall (WAF) | Push method (Syslog) |
22 | FortiWeb | Application Security | Web Application Firewall (WAF) | Push method (Syslog) |
23 | Amazon | Cloud services | WAF | Push method |
24 | Amazon | Cloud services | PostgreSQL | Push method |
25 | Amazon | Cloud services | ALB | Push method |
26 | Amazon | Cloud services | Kubernetes | Push method |
27 | Amazon | Cloud services | ELB | Pull method |
28 | Amazon | Cloud services | RDS | Pull method |
29 | Amazon | Cloud services | S3 | Pull method |
30 | Amazon | Cloud services | S3 | Pull method |
31 | Amazon | Cloud services | ClamAV | Pull method |
32 | Amazon | Cloud services | Config | Pull method |
33 | Cloudflare | DDoS | Cloudflare WAF / DNS | Pull method |
34 | Amazon | Cloud services | VPC | Pull method |
35 | Amazon | Cloud services | Aurora | Pull method |
37 | Amazon | Cloud services | Route 53 | Pull method |
38 | Azure | Cloud services | WAF | Pull method |
39 | Azure | Cloud services | SQL | Pull method |
40 | Azure | Cloud services | Azure Active Directory | Pull method |
41 | Azure | Cloud services | PostgreSQL | Pull method |
42 | Microsoft | Messaging | O365 | Pull method |
43 | Microsoft | EDR | Defender for Endpoint (M365) | Pull method |
44 | Azure | Cloud services | Defender for Cloud | Pull method |
45 | Azure | Cloud services | Sentinel | Pull method |
46 | GCP | Cloud services | Cisco Umbrella | Pull method |
47 | GCP | Cloud services | Activity | Pull method |
48 | Google | Messaging | Google Workspace | Pull method |
49 | GCP | Cloud services | Audit | Pull method |
50 | GCP | Cloud services | IAM | Pull method |
51 | GCP | Cloud services | Kubernetes | Pull method |
52 | GCP | Cloud services | SQL | Pull method |
53 | Microsoft | Container Security | Defender | Pull method |
54 | Oracle | Middleware | Database | Push method (Syslog) |
55 | MongoDB | Middleware | Database | Push method (Syslog) |
56 | MySQL | Middleware | Database | Push method (Agent) |
57 | MSSQL | Middleware | Database | Pull method |
58 | MariaDB | Middleware | Database | Push method (Syslog) |
59 | PostgreSQL | Middleware | Database | Push method (Agent) |
60 | MariaDB | Middleware | Database | Push method (Agent) |
61 | DataSunrise | Middleware | Database | Push method (Syslog) |
62 | VMware | Hypervisor | VMware | Push method (Syslog) |
63 | VMware | Hypervisor | ESXi | Push method (Syslog) |
64 | Squid | Network | Proxy | Push method (Agent) |
65 | Apache | Application Security | Web Server | Push method (Agent) |
66 | Microsoft | Application Security | IIS | Push method (Agent) |
67 | GitHub | Cloud services | Web Repository | Push method (Agent) |
68 | FortiGate | Network | Firewall | Push method (Syslog) |
69 | Fortinet | Network | Firewall | Push method (Syslog) |
70 | SonicWall | Network | Firewall | Push method (Syslog) |
71 | Sophos | Network | Firewall | Push method (Syslog) |
72 | Cisco | Network | Firewall | Push method (Syslog) |
73 | Cisco | Network | Firewall | Push method (Syslog) |
74 | Symantec | Network | Firewall | Push method (Syslog) |
75 | Juniper | Network | Firewall | Push method (Syslog) |
76 | Check Point | Network | Firewall | Push method (Syslog) |
77 | Palo Alto | Network | Firewall | Push method (Syslog) |
78 | Trend Micro | Network | Firewall | Push method (Syslog) |
79 | F5 | Network | Firewall | Push method (Syslog) |
80 | FortiNAC | Network | Firewall | Push method (Syslog) |
81 | Kaspersky | Network | Firewall | Push method (Syslog) |
82 | Cisco | Network | Firewall | Push method (Syslog) |
83 | Hillstone | Network | Firewall | Push method (Syslog) |
84 | ESET | Network | Firewall | Push method (Syslog) |
85 | Cisco | Network | Firewall (Firepower) | Push method (Syslog) |
86 | FortiGate | Network | Firewall | Push method (Syslog) |
87 | Fortinet | Network | Switch | Push method (Syslog) |
88 | Sophos | Network | Intrusion Prevention System (IPS) | Push method (Syslog) |
89 | Fortinet | Network | Intrusion Prevention System (IPS) | Push method (Syslog) |
90 | Check Point | Network | Intrusion Prevention System (IPS) | Push method (Syslog) |
91 | Suricata | Network | Intrusion Prevention System (IPS) | Push method (Syslog) |
92 | Citrix | Network | Load Balancer | Push method (Syslog) |
93 | A10 | Network | Load Balancer | Push method (Syslog) |
94 | VMware | Network | SD-WAN | Push method (Syslog) |
95 | Dell | Network | IDPA | Push method (Syslog) |
96 | Dell | Network | Switch | Push method (Syslog) |
97 | Juniper | Network | Switch | Push method (Syslog) |
98 | Cisco | Network | Switch | Push method (Syslog) |
99 | Cisco | Network | Router | Push method (Syslog) |
100 | Aruba | Network | Switch | Push method (Syslog) |
101 | Dell | Network | Switch | Push method (Syslog) |
102 | Netgear | Network | Switch | Push method (Syslog) |
103 | Cisco | Network | ISE | Push method (Syslog) |
104 | Cisco | Network | Switch | Push method (Syslog) |
105 | Huawei | Network | Switch | Push method (Syslog) |
106 | Huawei | Network | Unified Security Gateway (USG) | Push method (Syslog) |
107 | Huawei | Network | Router | Push method (Syslog) |
108 | Kemp | Network | LoadMaster | Push method (Syslog) |
109 | Huawei | Network | Agile Controller | Push method (Syslog) |
110 | HAProxy | Network | Proxy | Push method (Syslog) |
111 | Trend Micro | Network | TippingPoint (IPS) | Push method (Syslog) |
112 | Microsoft | Operating System | Windows | Push method (Agent) |
113 | Ubuntu | Operating System | Linux | Push method (Agent) |
114 | Microsoft | Operating System | Active Directory | Push method (Agent) |
115 | Microsoft | Operating System | DNS | Push method (Agent) |
116 | Ubuntu | Operating System | Linux | Push method (Syslog) |
117 | Ubuntu | Operating System | Linux | Push method (Agent) |
118 | IBM | Operating System | AIX | Push method (Syslog) |
119 | FutureX | HSM | Hardware Security Module (HSM) | Push method (Syslog) |
120 | Dell | HSM | Hardware Security Module (HSM) | Push method (Syslog) |
121 | Nginx | Application Security | Web Server | Push method (Agent) |