Merge pull request #1929 from SEKOIA-IO/fix_header
fix bad header for intakes
pbivic authored Jul 31, 2024
2 parents 0407edd + ce264da commit 4c8531a
Showing 15 changed files with 26 additions and 49 deletions.
5 changes: 2 additions & 3 deletions docs/integration/categories/email/mimecast_email_security.md
Expand Up @@ -7,11 +7,10 @@ A secure email gateway to block spam, viruses, and malware.

- **Vendor**: Mimecast
- **Plan**: Defend Prime
- **Supported environment**: On Cloud / On Premise
- **Version compatibility**:
- **Supported environment**: Cloud
- **Detection based on**: Telemetry
- **Supported application or feature**: Email gateway
- **Coverage Score**: 3


!!! warning
Important note - This format is currently in beta. We highly value your feedback to improve its performance.
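Review bot: besides the intended replacement of `On Cloud / On Premise` by `Cloud`, this hunk adds a second empty line between the header list and the `!!! warning` admonition (old 11 lines, new 10: three lines removed, two added, one of them blank), so the block is now followed by two blank lines where one was enough. Drop the extra blank; the same stray blank line is introduced in most of the other hunks of this PR. Removing the empty `- **Version compatibility**:` field is fine here since it carried no value.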
1 change: 0 additions & 1 deletion docs/integration/categories/email/postfix.md
Expand Up @@ -11,7 +11,6 @@ Postfix is a free and open-source mail transfer agent that routes and delivers e
- **Version compatibility**:
- **Detection based on**: Telemetry
- **Supported application or feature**: Email gateway, Mail server
- **Coverage Score**: 2

## Configure

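Review bot: the empty `- **Version compatibility**:` line is kept here as unchanged context while the same empty field is deleted from the other email intake pages in this PR (mimecast, proofpoint, retarus, sophos, vade). Since the stated purpose of the commit is to make the intake headers consistent, either remove the empty field here as well or keep it on every page; right now postfix.md ends up with a different header shape than its neighbours.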
5 changes: 2 additions & 3 deletions docs/integration/categories/email/proofpoint_pod.md
Expand Up @@ -8,11 +8,10 @@ ProofPoint On Demand (PoD) offers a real-time email processing feed to detect, c

- **Vendor**: Proofpoint
- **Plan**: Defend Prime
- **Supported environment**: On Cloud / On Premise
- **Version compatibility**:
- **Supported environment**: Cloud
- **Detection based on**: Telemetry
- **Supported application or feature**: Email gateway
- **Coverage Score**: 3


## Configure

5 changes: 2 additions & 3 deletions docs/integration/categories/email/proofpoint_tap.md
Expand Up @@ -8,11 +8,10 @@ Proofpoint Targeted Attack Protection (TAP) helps detect, mitigate, and block ad

- **Vendor**: Proofpoint
- **Plan**: Defend Prime
- **Supported environment**: On Cloud / On Premise
- **Version compatibility**:
- **Supported environment**: Cloud
- **Detection based on**: Telemetry
- **Supported application or feature**: Email gateway
- **Coverage Score**: 3


## Configure

5 changes: 2 additions & 3 deletions docs/integration/categories/email/retarus_email_security.md
Expand Up @@ -8,11 +8,10 @@ Protection solution for user and technical messaging.

- **Vendor**: Retarus
- **Plan**: Defend Prime
- **Supported environment**: On Cloud / On Premise
- **Version compatibility**:
- **Supported environment**: Cloud
- **Detection based on**: Telemetry / Alert
- **Supported application or feature**: Email gateway
- **Coverage Score**: 3


{!_shared_content/operations_center/integrations/generated/46fe3905-9e38-4fb2-be09-44d31626b694_sample.md!}

Expand Up @@ -7,11 +7,10 @@ Trend Micro Email Security is a robust email protection solution that safeguards

- **Vendor**: Trend Micro
- **Plan**: Defend Prime
- **Supported environment**: On Cloud / On Premise
- **Version compatibility**:
- **Supported environment**: Cloud
- **Detection based on**: Telemetry
- **Supported application or feature**: Email gateway
- **Coverage Score**: 3


## Configure

5 changes: 2 additions & 3 deletions docs/integration/categories/email/vade.md
Expand Up @@ -11,11 +11,10 @@ In this documenation we will explain how to collect and send Vade for M365 logs

- **Vendor**: Vade
- **Plan**: Defend Prime
- **Supported environment**: On Premise
- **Version compatibility**:
- **Supported environment**: Cloud
- **Detection based on**: Telemetry
- **Supported application or feature**: Email gateway, Anti-virus
- **Coverage Score**: 4


## Configure

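Review bot: changing `- **Supported environment**: On Premise` to `Cloud` is a change of the documented deployment model, not a header-format fix like the rest of this PR (commit message: "fix bad header for intakes"). If Vade for M365 is indeed collected from a cloud service only, say so in the PR description; otherwise keep the original value or split this line into its own commit so the content change is visible in history.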
5 changes: 2 additions & 3 deletions docs/integration/categories/email/vade_cloud.md
Expand Up @@ -10,11 +10,10 @@ In this documentation we will explain how to collect and send Vade Cloud logs to

- **Vendor**: Vade
- **Plan**: Defend Prime
- **Supported environment**: On Cloud
- **Version compatibility**:
- **Supported environment**: Cloud
- **Detection based on**: Telemetry
- **Supported application or feature**: Email gateway, Anti-virus
- **Coverage Score**: 3


## Configure

5 changes: 2 additions & 3 deletions docs/integration/categories/endpoint/harfanglab.md
Expand Up @@ -9,11 +9,10 @@ This setup guide shows how to forward events produced by HarfangLab EDR to Sekoi

- **Vendor**: Harfanglab
- **Plan**: Defend Prime
- **Supported environment**: On Cloud / On Premise
- **Version compatibility**:
- **Supported environment**: On Premise
- **Detection based on**: Telemetry / Alert
- **Supported application or feature**: Authentication, Driver, Network, Process, Web
- **Coverage Score**: 4



## Configure
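Review bot: the header list is now separated from `## Configure` by three empty lines (the hunk adds one blank on top of the two already there); collapse these to a single blank line. Narrowing `On Cloud / On Premise` to `On Premise` also changes the stated deployment model rather than the header layout, so a sentence in the PR description explaining why the cloud variant was dropped would help reviewers.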
5 changes: 2 additions & 3 deletions docs/integration/categories/endpoint/paloalto_cortex_edr.md
Expand Up @@ -11,11 +11,10 @@ This setup guide shows how to forward EDR alerts collected on the Palo Alto Cort

- **Vendor**: Palo Alto
- **Plan**: Defend Prime
- **Supported environment**: On Cloud / On Premise
- **Version compatibility**: 3.8
- **Supported environment**: Cloud
- **Detection based on**: Telemetry / Alert
- **Supported application or feature**: Network device logs
- **Coverage Score**: 4


## Collected events

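Review bot: the deleted `- **Version compatibility**: 3.8` is the only version field in this PR that carried an actual value, so this hunk drops information readers need to check whether their Cortex deployment is supported. If the field is being retired from the header template, move the version into the `## Collected events` or configuration prose; otherwise keep the line, as tanium.md does with its `7.5.6` value.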
5 changes: 2 additions & 3 deletions docs/integration/categories/endpoint/sophos_edr.md
Expand Up @@ -11,11 +11,10 @@ This setup guide shows how to forward events produced by Sophos EDR to Sekoia.io

- **Vendor**: Sophos
- **Plan**: Defend Prime
- **Supported environment**: On Cloud / On Premise
- **Version compatibility**:
- **Supported environment**: Cloud
- **Detection based on**: Telemetry
- **Supported application or feature**: File monitoring, Process monitoring
- **Coverage Score**: 4


## Configure

6 changes: 3 additions & 3 deletions docs/integration/categories/endpoint/tanium.md
Expand Up @@ -7,11 +7,11 @@ Tanium solutions manage and protect networks and endpoints.

- **Vendor**: Tanium
- **Plan**: Defend Prime
- **Supported environment**: On Cloud / On Premise
- **Version compatibility**:
- **Supported environment**: On Premise
- **Version compatibility**:7.5.6
- **Detection based on**: Telemetry
- **Supported application or feature**: File, Network, Process, Registry
- **Coverage Score**: 4


## Configure
Tanium logs can be collected under the rsyslog format and then forward to Sekoia.io. Refer to the official documentation of Tanium to forward your logs under rsyslog format and consult the [Rsyslog Transport](../../../ingestion_methods/rsyslog/) documentation to forward these logs to Sekoia.io.
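Review bot: `- **Version compatibility**:7.5.6` is missing the space after the colon; every other `**Key**: value` line in these headers has one, so write `- **Version compatibility**: 7.5.6`. The hunk also leaves two blank lines before `## Configure` where one is enough. While this file is open, the context sentence "collected under the rsyslog format and then forward to Sekoia.io" should read "then forwarded to Sekoia.io".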
5 changes: 2 additions & 3 deletions docs/integration/categories/endpoint/tehtris_edr.md
Expand Up @@ -10,11 +10,10 @@ This setup guide shows how to forward events produced by TEHTRIS EDR to Sekoia.i

- **Vendor**: TEHTRIS
- **Plan**: Defend Prime
- **Supported environment**: On Cloud / On Premise
- **Version compatibility**:
- **Supported environment**: On Cloud
- **Detection based on**: Telemetry / Alert
- **Supported application or feature**: File monitoring, Process monitoring and Anti-virus
- **Coverage Score**: 4


## Configure

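Review bot: the new value `- **Supported environment**: On Cloud` does not match the normalized `Cloud` written in the other hunks of this PR (mimecast, proofpoint, sophos, vade_cloud); use `Cloud` here too, otherwise the header fix reintroduces the very inconsistency it is meant to remove.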
2 changes: 1 addition & 1 deletion docs/integration/categories/network/cato_sase.md
Expand Up @@ -11,7 +11,7 @@ Cato Networks is a software company providing solutions to protect cloud applica
- **Supported environment**: Cloud
- **Detection based on**: Telemetry / Alert
- **Supported application or feature**: Application, Web, Authentication
- **Coverage Score**: 3



## Configure
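Review bot: deleting the `- **Coverage Score**: 3` line and adding a blank in its place leaves three empty lines before `## Configure`; remove the line without a replacement blank so a single empty line separates the header list from the section.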
11 changes: 0 additions & 11 deletions docs/integration/categories/overview.md
Expand Up @@ -31,17 +31,6 @@ To ensure consistency and ease of use, each detailed page of an integration foll
6. **Detection**: Information on detection capabilities related to the integration with a list of built-in rules, and the list of extracted fields that can be used for creating your own custom rules or hunting activites.
7. **Further Readings**: Additional resources and links for further information.

## Coverage Score

To help assess the importance and extent of the integration within an enterprise, we introduce the concept of a Coverage Score:

| Coverage Score | Description |
| -------------- | ----------- |
| 1 | Technology installed on a few machines only. It has limited scope and is not used extensively in the enterprise. |
| 2 | Technology used in several parts of the enterprise, but not universally. It may cover specific departments or services. |
| 3 | Technology widely deployed and used across a significant portion of the enterprise. It covers many users or systems within the IT infrastructure. |
| 4 | Technology utilized by the majority of the IT infrastructure of the enterprise. It is essential and generally used by most employees and systems within the company. |

## Valuable Resources

To enhance your experience and keep you informed about our latest developments, we recommend exploring the following resources:
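Review bot: removing the whole `## Coverage Score` section matches the deletion of the `- **Coverage Score**` line from every integration page in this PR, which is the right place to do it, but check that the numbered list of header sections above this hunk and the intake page template do not still mention the score, or the overview will describe a field that no longer exists. While this file is open, the context line "hunting activites" should read "hunting activities".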