Cdxit

Hello, Can someone tell me if KSC Cloud Console 12 can export logs to a SIEM ? I know that KSC can but not sure for the KSCCC. Thanks

Thanks for your answers ! Some points still not clear for me : isn’t the result of a Sandbox sent to KSN, KTIP or other public Cloud services ? Regarding the synchronous/Asynchronous mode, may I understand that the synchronous one is when KEA requests the cache of the Sandbox and then the file is suspended from running until the result ? And Asynchronous is if no cache answer then KEA pushes file to Sandbox for emulation and file is running on the client until the sandboxing result. Is that correct ?Rgds

Hello, Working on EDR (Optimum/Sandbox) and still have some questions : When the Sandbox gives a result on a file (good or bad), where this information is pushed ? SIEM, KSN, KTIP, Others ? Is this pushed by the Sandbox itself or the Sandbox sends the information to the KSC to push it everywhere, Sandbox to KEA to KES to KSC to everywhere ? I still don’t understand when the Sandbox use the synchronous and asynchronous mode for the emultation.. Can someone explain me ? KEA agent for EDR/Sandbox seems to be compatible with Linux now (KES). Does someone know where I can find this information ? EDR can be managed by KSC ou KSC Cloud Console. Are there differences between the 2 console for the EDR capabilities ?Thanks in advance for your help.