This resource offers comprehensive instructions and best practices for integrating and managing our Managed Extended Detection and Response (MXDR), MDR, In-house SOC, and SIEM solutions.
Leveraging our expertise, we’ve developed top-tier resources adhering to the highest standards, including:
In-depth guides for seamless integration.
Clear processes to enhance your security operations.
Custom SOPs for optimal performance of your threat detection solutions.
These guidelines are invaluable for organizations using MDR, In-house SOC, or SIEM solutions.
Sl. No | Vendor | Category | Sub-Category | Integration Method | SOP Hyperlink |
---|---|---|---|---|---|
1 | Thycotic | Access Management | Privileged Access Management (PAM) | Push method (Syslog) | Login To View |
2 | BeyondTrust | Access Management | Privileged Access Management (PAM) | Push method (Syslog) | Login To View |
3 | CyberArk | Access Management | Privileged Access Management (PAM) | Push method (Syslog) | Login To View |
4 | Trellix | Antivirus | Antivirus (McAfee ePO) | Push method (Syslog) | Login To View |
5 | TrendMicro | Antivirus | Apex One | Push method (Syslog) | Login To View |
6 | Seqrite | Antivirus | Antivirus | Push method (Syslog) | Login To View |
7 | TrendMicro | XDR | Vision One | Push method (Syslog) | Login To View |
8 | TrendMicro | EDR | Deep Security | Push method (Syslog) | Login To View |
9 | TrendMicro | Messaging | Email Solution | Push method (Syslog) | Login To View |
10 | PaloAlto | XDR | Extended Detection and Response (XDR) | Push method (Syslog) | Login To View |
11 | Symantec | Antivirus | Endpoint Protection Manager | Push method (Syslog) | Login To View |
12 | Symantec | EDR | Endpoint Detection and Response (EDR) | Push method (Syslog) | Login To View |
13 | TrendMicro | Messaging | Antispam | Push method (Syslog) | Login To View |
14 | Sophos | EDR | Endpoint Detection and Response (EDR) | Pull method (API) | Login To View |
15 | Kaspersky | Antivirus | Antivirus | Push method (Syslog) | Login To View |
16 | Symantec | DLP | Data Loss Prevention (DLP) | Push method (Syslog) | Login To View |
17 | Zeek | Network | Network Detection and Response (NDR) | Push method (Agent) | Login To View |
18 | SentinelOne | EDR | Endpoint Detection and Response (EDR) | Push method (Syslog) | Login To View |
19 | F5 | Application Security | Web Application Firewall (WAF) | Push method (Syslog) | Login To View |
20 | Barracuda | Application Security | Web Application Firewall (WAF) | Push method (Syslog) | Login To View |
21 | Imperva | Application Security | Web Application Firewall (WAF) | Push method (Syslog) | Login To View |
22 | FortiWeb | Application Security | Web Application Firewall (WAF) | Push method (Syslog) | Login To View |
23 | Amazon | Cloud services | WAF | Push method | Login To View |
24 | Amazon | Cloud services | Postgres | Push method | Login To View |
25 | Amazon | Cloud services | ALB | Push method | Login To View |
26 | Amazon | Cloud services | Kubernetes | Push method | Login To View |
27 | Amazon | Cloud services | ELB | Pull method | Login To View |
28 | Amazon | Cloud services | RDS | Pull method | Login To View |
29 | Amazon | Cloud services | S3 | Pull method | Login To View |
30 | Amazon | Cloud services | S3 | Pull method | Login To View |
31 | Amazon | Cloud services | ClamAV | Pull method | Login To View |
32 | Amazon | Cloud services | Config | Pull method | Login To View |
33 | Cloudflare | DDoS | Cloudflare WAF / DNS | Pull method | Login To View |
34 | Amazon | Cloud services | VPC | Pull method | Login To View |
35 | Amazon | Cloud services | Aurora | Pull method | Login To View |
37 | Amazon | Cloud services | Route 53 | Pull method | Login To View |
38 | Azure | Cloud services | WAF | Pull method | Login To View |
39 | Azure | Cloud services | SQL | Pull method | Login To View |
40 | Azure | Cloud services | Azure Active Directory | Pull method | Login To View |
41 | Azure | Cloud services | PostgreSQL | Pull method | Login To View |
42 | Microsoft | Messaging | O365 | Pull method | Login To View |
43 | Microsoft | EDR | Defender for Endpoint (M365) | Pull method | Login To View |
44 | Azure | Cloud services | Defender for Cloud | Pull method | Login To View |
45 | Azure | Cloud services | Sentinel | Pull method | Login To View |
46 | GCP | Cloud services | Cisco Umbrella | Pull method | Login To View |
47 | GCP | Cloud services | Activity | Pull method | Login To View |
48 | | Messaging | Google Workspace | Pull method | Login To View |
49 | GCP | Cloud services | Audit | Pull method | Login To View |
50 | GCP | Cloud services | IAM | Pull method | Login To View |
51 | GCP | Cloud services | Kubernetes | Pull method | Login To View |
52 | GCP | Cloud services | SQL | Pull method | Login To View |
53 | Microsoft | Container Security | Defender | Pull method | Login To View |
54 | Oracle | Middleware | Database | Push method (Syslog) | Login To View |
55 | MongoDB | Middleware | Database | Push method (Syslog) | Login To View |
56 | MySQL | Middleware | Database | Push method (Agent) | Login To View |
57 | MSSQL | Middleware | Database | Pull method | Login To View |
58 | MariaDB | Middleware | Database | Push method (Syslog) | Login To View |
59 | PostgreSQL | Middleware | Database | Push method (Agent) | Login To View |
60 | MariaDB | Middleware | Database | Push method (Agent) | Login To View |
61 | DataSunrise | Middleware | Database | Push method (Syslog) | Login To View |
62 | VMware | Hypervisor | VMware | Push method (Syslog) | Login To View |
63 | VMware | Hypervisor | ESXi | Push method (Syslog) | Login To View |
64 | Squid | Network | Proxy | Push method (Agent) | Login To View |
65 | Apache | Application Security | Web Server | Push method (Agent) | Login To View |
66 | Microsoft | Application Security | IIS | Push method (Agent) | Login To View |
67 | GitHub | Cloud services | Web Repository | Push method (Agent) | Login To View |
68 | Fortigate | Network | Firewall | Push method (Syslog) | Login To View |
69 | Fortinet | Network | Firewall | Push method (Syslog) | Login To View |
70 | SonicWall | Network | Firewall | Push method (Syslog) | Login To View |
71 | Sophos | Network | Firewall | Push method (Syslog) | Login To View |
72 | Cisco | Network | Firewall | Push method (Syslog) | Login To View |
73 | Cisco | Network | Firewall | Push method (Syslog) | Login To View |
74 | Symantec | Network | Firewall | Push method (Syslog) | Login To View |
75 | Juniper | Network | Firewall | Push method (Syslog) | Login To View |
76 | Checkpoint | Network | Firewall | Push method (Syslog) | Login To View |
77 | PaloAlto | Network | Firewall | Push method (Syslog) | Login To View |
78 | TrendMicro | Network | Firewall | Push method (Syslog) | Login To View |
79 | F5 | Network | Firewall | Push method (Syslog) | Login To View |
80 | FortiNAC | Network | Firewall | Push method (Syslog) | Login To View |
81 | Kaspersky | Network | Firewall | Push method (Syslog) | Login To View |
82 | Cisco | Network | Firewall | Push method (Syslog) | Login To View |
83 | Hillstone | Network | Firewall | Push method (Syslog) | Login To View |
84 | ESET | Network | Firewall | Push method (Syslog) | Login To View |
85 | Cisco | Network | Firewall (Firepower) | Push method (Syslog) | Login To View |
86 | Fortigate | Network | Firewall | Push method (Syslog) | Login To View |
87 | Fortinet | Network | Switch | Push method (Syslog) | Login To View |
88 | Sophos | Network | Intrusion Prevention System (IPS) | Push method (Syslog) | Login To View |
89 | Fortinet | Network | Intrusion Prevention System (IPS) | Push method (Syslog) | Login To View |
90 | Checkpoint | Network | Intrusion Prevention System (IPS) | Push method (Syslog) | Login To View |
91 | Suricata | Network | Intrusion Prevention System (IPS) | Push method (Syslog) | Login To View |
92 | Citrix | Network | Load Balancer | Push method (Syslog) | Login To View |
93 | A10 | Network | Load Balancer | Push method (Syslog) | Login To View |
94 | VMware | Network | SD-WAN | Push method (Syslog) | Login To View |
95 | DELL | Network | IDPA | Push method (Syslog) | Login To View |
96 | DELL | Network | Switch | Push method (Syslog) | Login To View |
97 | Juniper | Network | Switch | Push method (Syslog) | Login To View |
98 | Cisco | Network | Switch | Push method (Syslog) | Login To View |
99 | Cisco | Network | Router | Push method (Syslog) | Login To View |
100 | Aruba | Network | Switch | Push method (Syslog) | Login To View |
101 | Dell | Network | Switch | Push method (Syslog) | Login To View |
102 | Netgear | Network | Switch | Push method (Syslog) | Login To View |
103 | Cisco | Network | ISE | Push method (Syslog) | Login To View |
104 | Cisco | Network | Switch | Push method (Syslog) | Login To View |
105 | Huawei | Network | Switch | Push method (Syslog) | Login To View |
106 | Huawei | Network | Unified Security Gateway (USG) | Push method (Syslog) | Login To View |
107 | Huawei | Network | Router | Push method (Syslog) | Login To View |
108 | Kemp | Network | Load Master | Push method (Syslog) | Login To View |
109 | Huawei | Network | Agile Controller | Push method (Syslog) | Login To View |
110 | HAProxy | Network | Proxy | Push method (Syslog) | Login To View |
111 | TrendMicro | Network | Tipping Point (IPS) | Push method (Syslog) | Login To View |
112 | Microsoft | Operating System | Windows | Push method (Agent) | Login To View |
113 | Ubuntu | Operating System | Linux | Push method (Agent) | Login To View |
114 | Microsoft | Operating System | Active Directory | Push method (Agent) | Login To View |
115 | Microsoft | Operating System | DNS | Push method (Agent) | Login To View |
116 | Ubuntu | Operating System | Linux | Push method (Syslog) | Login To View |
117 | Ubuntu | Operating System | Linux | Push method (Agent) | Login To View |
118 | IBM | Operating System | AIX | Push method (Syslog) | Login To View |
119 | FutureX | HSM | Hardware Security Module (HSM) | Push method (Syslog) | Login To View |
120 | DELL | HSM | Hardware Security Module (HSM) | Push method (Syslog) | Login To View |
121 | Nginx | Application Security | Web Server | Push method (Agent) | Login To View |
SISA is a global forensics-driven cybersecurity solutions company, trusted by leading organizations for securing their businesses with robust preventive, detective, and corrective cybersecurity solutions. Our problem-first, human-centric approach helps businesses strengthen their cybersecurity posture.
Industry recognition by CREST, CERT-In and PCI SSC serves as a testament to our skill, knowledge, and competence.
We apply the power of forensic intelligence and advanced technology to offer true security to 2,000+ customers in 40+ countries.