BluSapphire
Search…
Introduction
Product Videos
Unified Cyber Defense Platform
The Stack
Features and capabilities
Operations
Architecture
Integration
Cisco pxGrid Integration
MITRE ATT&CK
MITRE ATT&CK Coverage by Tactic
MITRE ATT&CK Coverage by Technique
BluArmour Endpoint Protection
BluArmour For ICS / AirGapped Networks
BluArmour Pre-Deployment Checklist & Roll out Process
Deploy BluArmour via SCCM
BluGenie
SIGMA Rules
Use cases
Threat Intel Sources
Windows Logging Recommendations
Lateral Movement Logging Recommendations
Windows Advanced Auditing Recommendations
GPO for Service Account, WinRM and WMI
Log Forwarding - How To
Mirror / SPAN port configuration
Cloud Log Forwarding
Deploy Micro-Agent/Sysmon via GPO
Threat Hunt
Appendix A
Powered By GitBook
Integration

Threat Intelligence Sharing:

BluSapphire Platform has a capability to collect data of Indicators of compromise (IOC’s) using a rule engine which can be exported in STIX and TAXII for other security systems consume like firewalls, proxy, IPS or any other UTM devices for having intelligence of these attacks. Also, you can export these incidents and download PCAPS and download Zip file of the infected systems.

Platform Interoperability

BluSapphire Platform is open to communicate with other security and non-security solutions. Platform is built using industry standard protocols that enable customers and providers to build their own use cases on top of our platform.
  • Standard integrations: through standard REST APIs interfaces to integrate with tools or platforms
  • Customer integrations: API capability, custom programming.

Cisco ISE pxGrid Partner

BluSapphire integrates with pxGrid to gain contextual information around all network,sensor and log data enabling rapid triage i.e.,
identify the asset profile and posture
logged on user(s), group memberships
how the asset got onto the network
asset location? Wireless/LAN/VPN?
BluSapphire leverages pxGrid integration to also provide rapid threat containment for managed and unmanaged assets, by quarantining / isolating the infected malicious asset from the network.

Other Integrations

Few of our current integrations are listed below
Ransomware Tracker
OTX
Apility
CRITS
Cuckoo
CVE
Cymon
Elastic
Jira
Google Safe Browsing
Have I Been Pwned?
Hybrid Analysis
Malwares . com
MaxMind
MISP
MXToolbox
NVD
OpenPhish
OPSWAT
Phishtank
SANS Dshield
Shodan
Snort
Suricata
VirusTotal
Web Of Trust
Previous
Architecture
Next
Cisco pxGrid Integration
Last modified 5mo ago
Copy link
Outline
Threat Intelligence Sharing:
Platform Interoperability
Cisco ISE pxGrid Partner
Other Integrations