Cloud SIEM Integrations
In this section, we'll introduce the following concepts:
ThreatQ Source
Learn how to set up a ThreatQ source.
Insight Enrichment Server
Learn how to automatically enrich Cloud SIEM insights.
Enable VirusTotal Enrichment
Learn how to enrich signals based on queries it runs against VirusTotal.
TAXII Feed
Learn how to integrate Cloud SIEM with a TAXII threat intelligence feed.
Security Incident Response (SIR)
Learn to install and configure the integration between Sumo Logic Cloud SIEM and ServiceNow's SIR.
Enrichments and Threat Indicators
Learn how enrichments can add threat indicators to show risk level in insights and entities.
Â