- Supported Cloud Connectors
- Armis Cloud Connector
- AWS Cloud Connector
- AWS Multi-Tenant Cloud Connector
- Azure Cloud Connector
- Azure Cloud Connector Overview
- Azure Audit Source and Event Support
- Prerequisites to Configure the Azure Cloud Connector
- Configure the Azure Cloud Connector
- Collect EventHub Information for Azure EventHub Endpoints
- Collect all Microsoft Defender ATP Events
- Configure Azure to Monitor Security Center Events in Azure VMs
- Bitglass Cloud Connector
- Box Cloud Connector
- Centrify Cloud Connector
- Cisco AMP for Endpoints Cloud Connector
- Cisco Meraki Cloud Connector
- Cisco Umbrella Cloud Connector
- Citrix ShareFile Cloud Connector
- Cloudflare Cloud Connector
- Code42 Incydr Cloud Connector
- CrowdStrike Falcon Cloud Connector
- Cybereason Cloud Connector
- CylanceProtect Cloud Connector
- Dropbox Business Cloud Connector
- Duo Security Cloud Connector
- Egnyte Cloud Connector
- Fidelis Cloud Connector
- GitHub Cloud Connector
- Google Cloud Platform (GCP) Cloud Connector
- Google Cloud Pub/Sub Cloud Connector
- Google Workspace (Formerly G Suite) Cloud Connector
- LastPass Enterprise Cloud Connector
- Mimecast Email Security Cloud Connector
- Netskope Cloud Connector
- Office 365 Cloud Connector
- Okta Cloud Connector
- OneLogin Cloud Connector
- Palo Alto Networks SaaS Security Cloud Connector
- Ping Identity Cloud Connector
- Proofpoint Cloud Connector
- Rapid7 InsightVM Cloud Connector
- Salesforce Cloud Connector
- SentinelOne Cloud Connector
- ServiceNow Cloud Connector
- Slack App Cloud Connector
- Slack Classic App Cloud Connector (Formerly known as Slack Enterprise Grid Cloud Connector)
- Snowflake Cloud Connector
- Sophos Central Cloud Connector
- Symantec CloudSOC Cloud Connector
- Symantec Endpoint Protection (SEP) Mobile Cloud Connector
- Symantec Email Security.cloud Cloud Connector
- Symantec WSS Cloud Connector
- Tenable.io Cloud Connector
- VMware Carbon Black Cloud Endpoint Standard Cloud Connector
- Workday Cloud Connector
- Zoom Cloud Connector
- Custom Cloud Connector
- Webhook Cloud Connector
Symantec CloudSOC Cloud Connector
Broadcom’s Symantec CloudSOC is a Cloud Access Security Broker (CAB) that protects cloud applications and services by providing visibility over all the cloud services in the organization and by identifying risks and compliance issues. Symantec CloudSOC helps enterprises to continuously monitor and control the cloud apps usage and protects SaaS, PaaS, and IaaS accounts from misuse, threats, and data loss. For more information see the product information.
Prerequisites to Configure the Symantec CloudSOC Connector
Before you configure the Symantec CloudSOC connector you must obtain the following account information:
API Key, also called Key ID
Key Secret
Tenant
Obtain the API Key, Key Secret, and Tenant
Symantec CloudSOC APIs are authenticated via application keys. You must obtain the API key, key secret, and tenant to use while configuring the Symantec CloudSOC connector.
To obtain an application key ID, key secret, and tenant:
Log in to the Symantec CloudSOC console as an administrator.
Navigate to Settings by clicking your username.
Click API Keys on the Settings page.
On the API Keys page, in the Add a New API Key box, type a name for the key, then click Add New API Key.
In the API Key List area, in the row for the new key that you created, click the download icon to download the config.json file.
Open the config.json file in a text editor and record the values for:
Key ID
Key Secret
Tenant
Note the values for the API key that is key ID, key secret, and tenant. Use the values while configuring the Symantec CloudSOC Connector on the Exabeam Cloud Connector platform. For more information see CloudSOC Management API Guide.
Configure the Symantec CloudSOC Connector
Broadcom’s Symantec CloudSOC is a Cloud Access Security Broker (CAB) that protects cloud applications and services by providing visibility over all the cloud services in the organization and by identifying risks and compliance issues. Symantec CloudSOC helps enterprises to continuously monitor and control the cloud apps usage and protects SaaS, PaaS, and IaaS accounts from misuse, threats, and data loss. For more information see the product information.
The following table displays audit source API and security events supported by the connector.
Audit Source: API | Service or Module Covered | Events Included |
|---|---|---|
Management API | Any | All |
To configure the Symantec CloudSOC connector to import data into the Exabeam Cloud Connector platform:
Complete the Prerequisites to Configure the Symantec CloudSOC Connector.
Log in to the Exabeam Cloud Connectors platform with your registered credentials.
Navigate to Settings > Accounts > Add Account.
Click Select Service to Add, then select Symantec CloudSOC from the list.
In the Accounts section, enter the required information. Required fields are indicated with a red bar.
Tenant – Select a tenant to attach to the connector if you are using a multi-tenant edition of Exabeam. Otherwise, select default.
Account Name – Specify a name for the Symantec CloudSOC connector. For example, Corporate Cloud Access Security Broker.
(Optional) Description – Describe the Symantec CloudSOC connector. For example, Symantec CloudSOC CAB for visibility, data security, and threat protection.
Key ID – Enter the value for key ID that you obtained while completing prerequisites.
Key Secret – Enter the value for key secret that you obtained while completing prerequisites.
Tenant – Enter the value for tenant that you obtained while completing prerequisites.
Region – Select the region EU or US based on the cloud host URL. If you use US-based production cloud, the host URL is api-vip.elastica.net. Select US. If you use EU-based production cloud, the host URL is api.eu.elastica.net. Select EU.
To confirm that the Exabeam Cloud Connector platform communicates with the service, click Test Connection.
Click Done to save your changes. The cloud connector is now set up on the Exabeam Cloud Connector platform.
To ensure that the connector is ready to send and collect data, Start the connector and check that the status shows
OK.