- Supported Cloud Connectors
- Armis Cloud Connector
- AWS Cloud Connector
- AWS Multi-Tenant Cloud Connector
- Azure Cloud Connector
- Azure Cloud Connector Overview
- Azure Audit Source and Event Support
- Prerequisites to Configure the Azure Cloud Connector
- Configure the Azure Cloud Connector
- Collect EventHub Information for Azure EventHub Endpoints
- Collect all Microsoft Defender ATP Events
- Configure Azure to Monitor Security Center Events in Azure VMs
- Bitglass Cloud Connector
- Box Cloud Connector
- Centrify Cloud Connector
- Cisco AMP for Endpoints Cloud Connector
- Cisco Meraki Cloud Connector
- Cisco Umbrella Cloud Connector
- Citrix ShareFile Cloud Connector
- Cloudflare Cloud Connector
- Code42 Incydr Cloud Connector
- CrowdStrike Falcon Cloud Connector
- Cybereason Cloud Connector
- CylanceProtect Cloud Connector
- Dropbox Business Cloud Connector
- Duo Security Cloud Connector
- Egnyte Cloud Connector
- Fidelis Cloud Connector
- GitHub Cloud Connector
- Google Cloud Platform (GCP) Cloud Connector
- Google Cloud Pub/Sub Cloud Connector
- Google Workspace (Formerly G Suite) Cloud Connector
- LastPass Enterprise Cloud Connector
- Mimecast Email Security Cloud Connector
- Netskope Cloud Connector
- Office 365 Cloud Connector
- Okta Cloud Connector
- OneLogin Cloud Connector
- Palo Alto Networks SaaS Security Cloud Connector
- Ping Identity Cloud Connector
- Proofpoint Cloud Connector
- Rapid7 InsightVM Cloud Connector
- Salesforce Cloud Connector
- SentinelOne Cloud Connector
- ServiceNow Cloud Connector
- Slack App Cloud Connector
- Slack Classic App Cloud Connector (Formerly known as Slack Enterprise Grid Cloud Connector)
- Snowflake Cloud Connector
- Sophos Central Cloud Connector
- Symantec CloudSOC Cloud Connector
- Symantec Endpoint Protection (SEP) Mobile Cloud Connector
- Symantec Email Security.cloud Cloud Connector
- Symantec WSS Cloud Connector
- Tenable.io Cloud Connector
- VMware Carbon Black Cloud Endpoint Standard Cloud Connector
- Workday Cloud Connector
- Zoom Cloud Connector
- Custom Cloud Connector
- Webhook Cloud Connector
LastPass Enterprise Cloud Connector
LastPass enterprise provides centralized secure access through Single Sign On (SSO), and a password manager that protects each access point. LastPass automates IT processes and provides directory integrations, admin controls, integrated access, encrypted password sharing, two-factor authentication, encryption at device level, and secure vault for each user to access tools. For more information see the LastPass documentation.
Prerequisites to Configure the LastPass Connector
Before you configure the LastPass connector you must complete the following prerequisites:
Obtain the LastPass provisioning hash also known as API secret
Obtain the LastPass company ID (CID) also known as tenant ID
Obtain LastPass Provisioning Hash and CID
LastPass APIs are authenticated via a unique key called a provisioning hash. Contact the LastPass administrator to obtain the values for the provisioning hash and CID. If the administrator does not have the previously-generated required values, you must generate a provisioning hash to use while configuring the LastPass connector.
To create a provisioning hash:
Log in to LastPass Enterprise admin console as an administrator.
Navigate to Advanced Options > Enterprise API.
On the Enterprise API page, in the Authentication Parameters section note the value for CID.
Click Reset Your Provisioning Hash.
Note
Clicking Reset Your Provisioning Hash resets the previous API key and disconnects existing API clients. Make sure that you reset the value only if required.
Note the value for Provisioning Hash.
In the confirmation box, click OK.
Copy the values to use for authorizing the API calls. Use these values, represented by a string of letters and numbers, to configure the LastPass cloud connector.
Configure the LastPass Connector
LastPass enterprise provides centralized secure access through Single Sign On (SSO), and a password manager that protects each access point. LastPass automates IT processes and provides directory integrations, admin controls, integrated access, encrypted password sharing, two-factor authentication, encryption at device level, and secure vault for each user to access tools. For more information see the LastPass documentation.
The following table displays audit source API and security events supported by the connector.
Audit Source: API | Service or Module Covered | Event Included |
|---|---|---|
Reports Events | Any | All |
To configure the LastPass connector to import data into the Exabeam Cloud Connector platform:
Complete the Prerequisites to Configure the LastPass Connector.
Log in to the Exabeam Cloud Connectors platform with your registered credentials.
Navigate to Settings > Accounts > Add Account.
Click Select Service to Add, then select LastPass from the list.
In the Accounts section, enter the required information. Required fields are indicated with a red bar.
Tenant – Select a tenant to attach to the connector if you are using a multi-tenant edition of Exabeam. Otherwise, select default.
Account Name – Specify a name for the LastPass connector. For example, LastPass SSO.
Description – (Optional) Describe the LastPass connector. For example, LastPass password management and secure vault service.
CID – Enter the value for CID that you obtained while completing prerequisites.
Provisioning Hash – Enter the value for provisioning hash that you obtained while completing the prerequisite steps.
Apiuser – (Optional) Enter the name of the API user to identify who is using the API in logs. If you do not specify a value, the field is set to default value of
ExabeamCloudConnectors.API Timezone – Enter the timezone of your lastpass account in which you want to log the API.
To confirm that the Exabeam Cloud Connector platform communicates with the service, click Test Connection.
Click Done to save your changes. The cloud connector is now set up on the Exabeam Cloud Connector platform.
To ensure that the connector is ready to send and collect data, Start the connector and check that the status shows
OK.