Eset Threat Intelligence Integrations
ESET Threat Intelligence provides advanced, real-time insights into global cybersecurity threats, empowering you to proactively defend your network and systems. By leveraging a vast database of threat data, it enables you to detect and respond to emerging threats, track attack trends, and enhance your security posture with actionable intelligence. With ESET Threat Intelligence, you can make informed decisions to protect your organization from sophisticated cyber threats.
Data streams
This integration connects with the ESET Threat Intelligence TAXII version 2 server. It includes the following datasets for retrieving logs:
| Dataset | TAXII2 Collection name |
|---|---|
|
apt
|
apt stix 2.1
|
|
botnet
|
botnet stix 2.1
|
|
cc
|
botnet.cc stix 2.1
|
|
domains
|
domain stix 2.1
|
|
files
|
file stix 2.1
|
|
ip
|
ip stix 2.1
|
|
url
|
url stix 2.1
|
Requirements
Elastic Agent must be installed.
Setup
Enabling the integration in Elastic:
- In Kibana go to Management > Integrations.
- In "Search for integrations" search bar, type ESET Threat Intelligence.
- Click on the "ESET Threat Intelligence" integration from the search results.
- Click on the "Add ESET Threat Intelligence" button to add the integration.
- Configure all required integration parameters, including username and password that you have received from ESET during onboarding process. For more information, please visit ESET Threat Intelligence page.
- Enable data streams you are interested in and have access to.
- Save the integration.
If you need further assistance, kindly contact our support at info@cytechint.com for prompt assistance and guidance.