Symantec EDR
Symantec Endpoint Detection and Response (EDR) by Broadcom is an advanced cyber security solution designed to provide comprehensive threat protection for enterprise networks. It leverages machine learning and behavioral analytics to detect, investigate, and remediate complex threats across a wide array of endpoints. The primary function of Symantec EDR is to identify and neutralize threats that have bypassed traditional defensive measures, such as antivirus programs. Its capabilities include deep threat hunting, automated investigation responses, and advanced attack detections, aiming to provide robust security against known and unknown threats in real-time. With the inclusion of Symantec's Global Intelligence Network, the EDR solution offers extensive visibility and insights to help organizations proactively respond to potential cybersecurity incidents.
Creating a Symantec EDR connection
Using Access Token
To create the connection you need:
- An API Address
- An Application Client ID
- An Application Client Secret
Creating your connection
- In the Blink platform, navigate to the Connections page > Add connection. A New Connection dialog box opens displaying icons of external service providers available.
- Select the Symantec EDR icon. A dialog box with name of the connection and connection methods appear.
- (Optional) Edit the name of the connection. At a later stage you cannot edit the name.
- Select Access Token as the method to create the connection.
- Fill in the parameters:
- The API Address
- The Application Client ID
- The Application Client Secret
- (Optional) Click Test Connection to test it.
- Click Create connection. The new connection appears on the Connections page.