XM Cyber v2.0.1

XSOAR is a comprehensive SOAR platform that integrates different security tools to centralize incident management, driving better detection, investigation, and response to suspicious activity across your organization.The integration uses attack graph context and prioritization data that XSOAR receives from XM CEM, and also allows XSOAR to feed relevant entities back to CEM to be defined as breach points in CEM scenarios.

Author:
XM Cyber
Support:
partner
URL:
https://customers.xmcyber.com
agentixxsiam
Data Enrichment & Threat Intelligence

Dashboards (1)

  • XM Cyber Dashboard

Integrations (2)

Scripts (1)

README

Product/Integration Overview

XM Cyber continuously identifies attack paths to critical assets. This integration retrieves events for newly at-risk critical assets, newly discovered choke points, and changes in overall risk score. Incidents are also enriched with incoming attack vectors to affected endpoints and a list of critical assets exposed by the incident.

Use Cases

  • New attack path to a critical asset triggers alerts and options to quarantine/disconnect/patch.
  • New lateral movement exposure triggers alerts and options to change policy, and scan endpoints.
  • Incidents from EDRs are enriched with critical asset information and, if the severity is high, then action can be taken.

Dashboard

  • XM Cyber Dashboard: This dashboard displays the information from the XM Cyber CEM integration for Security Score, Choke Points by Severity, Critical Assets by Severity, and Top Compromising Exposures.