How to integrate Kaspersky Threat Data Feeds with FortiSIEM

Latest update: September 22, 2022 ID: 15146
 
 
 
 

Kaspersky CyberTrace allows you to check URLs, file hashes, and IP addresses contained in events that arrive in FortiSIEM. The URLs, file hashes, and IP addresses are checked against threat data feeds from Kaspersky Lab, or from other vendors or sources loaded to CyberTrace. During the matching process, Kaspersky CyberTrace determines the indicator category and generates an event supplemented with actionable context.

To integrate Kaspersky Threat Data Feeds using Kaspersky CyberTrace with FortiSIEM:

  1. Download and install Kaspersky CyberTrace. For details, see this article.
  2. Configure Kaspersky CyberTrace for integration with FortiSIEM. 
  3. Configure forwarding events from FortiSIEM to Kaspersky CyberTrace. 
  4. Configure sending events from Kaspersky CyberTrace and receiving them in FortiSIEM.

After this, you can browse CyberTrace events, that contains actionable information from Kaspersky Threat Data Feeds as well as from other vendors or sources, in FortiSIEM to identify existing breaches or newly launched attacks, and inform your business or clients about the risks and implications associated with the threat.

To download the guide which contains detailed instructions for integrating Kaspersky Threat Data Feeds with FortiSIEM, click the link that corresponds to your version:

 
 
 
 
 
Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.