- Supported Cloud Connectors
- Armis Cloud Connector
- AWS Cloud Connector
- AWS Multi-Tenant Cloud Connector
- Azure Cloud Connector
- Azure Cloud Connector Overview
- Azure Audit Source and Event Support
- Prerequisites to Configure the Azure Cloud Connector
- Configure the Azure Cloud Connector
- Collect EventHub Information for Azure EventHub Endpoints
- Collect all Microsoft Defender ATP Events
- Configure Azure to Monitor Security Center Events in Azure VMs
- Bitglass Cloud Connector
- Box Cloud Connector
- Centrify Cloud Connector
- Cisco AMP for Endpoints Cloud Connector
- Cisco Meraki Cloud Connector
- Cisco Umbrella Cloud Connector
- Citrix ShareFile Cloud Connector
- Cloudflare Cloud Connector
- Code42 Incydr Cloud Connector
- CrowdStrike Falcon Cloud Connector
- Cybereason Cloud Connector
- CylanceProtect Cloud Connector
- Dropbox Business Cloud Connector
- Duo Security Cloud Connector
- Egnyte Cloud Connector
- Fidelis Cloud Connector
- GitHub Cloud Connector
- Google Cloud Platform (GCP) Cloud Connector
- Google Cloud Pub/Sub Cloud Connector
- Google Workspace (Formerly G Suite) Cloud Connector
- LastPass Enterprise Cloud Connector
- Mimecast Email Security Cloud Connector
- Netskope Cloud Connector
- Office 365 Cloud Connector
- Okta Cloud Connector
- OneLogin Cloud Connector
- Palo Alto Networks SaaS Security Cloud Connector
- Ping Identity Cloud Connector
- Proofpoint Cloud Connector
- Rapid7 InsightVM Cloud Connector
- Salesforce Cloud Connector
- SentinelOne Cloud Connector
- ServiceNow Cloud Connector
- Slack App Cloud Connector
- Slack Classic App Cloud Connector (Formerly known as Slack Enterprise Grid Cloud Connector)
- Snowflake Cloud Connector
- Sophos Central Cloud Connector
- Symantec CloudSOC Cloud Connector
- Symantec Endpoint Protection (SEP) Mobile Cloud Connector
- Symantec Email Security.cloud Cloud Connector
- Symantec WSS Cloud Connector
- Tenable.io Cloud Connector
- VMware Carbon Black Cloud Endpoint Standard Cloud Connector
- Workday Cloud Connector
- Zoom Cloud Connector
- Custom Cloud Connector
- Webhook Cloud Connector
Symantec Endpoint Protection (SEP) Mobile Cloud Connector
Broadcom’s Symantec Endpoint Protection Mobile (SEP) is a mobile threat defense solution that predicts, detects, and prevents physical, malware, network threats, and vulnerability exploits to protect mobile devices from cyberattacks via threat intelligence technology. SEP protects and alerts the mobile device from suspicious network connection, malicious apps, phishing URLs, OS vulnerabilities, and risky configurations. For more information see the product documentation.
Prerequisites to Configure the Symantec Endpoint Protection (SEP) Mobile Connector
Before you configure the Symantec Endpoint Protection Mobile (SEP) connector you must obtain the following account information to use while configuring the SEP connector:
Organization ID
API URL
API Token
Symantec Endpoint Protection (SEP) Mobile APIs are authenticated via application keys. To contact Broadcom Symantec support to obtain the API URL, API token, and the organization ID, log in to the Symantec Endpoint Protection Mobile Management portal and request the required information.
Configure the Symantec Endpoint Protection (SEP) Mobile Connector
Broadcom’s Symantec Endpoint Protection Mobile (SEP) is a mobile threat defense solution that predicts, detects, and prevents physical, malware, network threats, and vulnerability exploits to protect mobile devices from cyberattacks via threat intelligence technology. SEP protects and alerts the mobile device from suspicious network connection, malicious apps, phishing URLs, OS vulnerabilities, and risky configurations. For more information see the product documentation.
The following table displays audit source API and security events supported by the connector.
Audit Source: API | Service or Module Covered | Events Included |
|---|---|---|
Any | All |
To configure the Symantec Endpoint Protection Mobile connector to import data into the Exabeam Cloud Connector platform:
Complete the Prerequisites to Configure the Symantec Endpoint Protection (SEP) Mobile Connector.
Log in to the Exabeam Cloud Connectors platform with your registered credentials.
Navigate to Settings > Accounts > Add Account.
Click Select Service to Add, then select Symantec EP mobile from the list.
In the Accounts section, enter the required information. Required fields are indicated with a red bar.
Account Name – Specify a name for the Symantec EP connector. For example, Corporate mobile threat defense solution.
Description – (Optional) Describe the Symantec EP connector. For example, Symantec EP to protect mobile devices from cyber-attacks via threat intelligence technology.
Organization ID – Enter the value for organization ID that you obtained while completing prerequisites.
API URL – Enter the API URL that you obtained while completing prerequisites.
API Token – Enter the value for the API token that you obtained while completing prerequisites.
Note
Symantec EP provides a set of REST APIs to integrate SEP cloud with other third-party applications. Exabeam uses the Symantec Security Alerts API to pull events. The Security Alerts API is designed to be used by only one application. You must use the Security Alerts API only for Exabeam cloud connector and not for any other application.
To confirm that the Exabeam Cloud Connector platform communicates with the service, click Test Connection.
Click Done to save your changes. The cloud connector is now set up on the Exabeam Cloud Connector platform.
To ensure that the connector is ready to send and collect data, Start the connector and check that the status shows
OK.