This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Announcements
Webinar May 14th: Gemini's generative AI within Google SecOps
Webinar May 29th: Log Ingestion: Bindplane + Google SecOps
Log in to ask a question

Mandiant Security Validation: Step 3 - Integrations

‎09-06-2024 12:33 PM - edited ‎10-11-2024 12:59 PM

GCSCommunity
Staff
0 0 408

Table of Contents

Below you'll find a table of contents for the Integrations journey.

msv-integrations.png

 

One of the best ways to ensure you get holistic security ation for your environment is to utilize some of the many Integrations that Mandiant Security Validation has to offer. In this section, we will introduce you to some of the most common integrations. To see a list of all of our available 3rd party integrations that support MSV, please see the following MSV Integrations Overview page.

Prerequisites

  • Administrative access to MSV Director.
  • Administrative access to the integrating platform.

Actions

msv-integrations-siem.png Chronicle SIEM

One of the most common integrations is with Chronicle SIEM. In this section, we will walk you through setting up Chronicle SIEM as a receiving source of all event data generated by Mandiant Security Validation.

 
Show More
Prerequisites

See the Relevant Links section for more documentation regarding the prerequisites.

  • Administrative access to MSV Director.
  • Administrative access to Chronicle SIEM.
  • JSON-Formatted keys to a Google Cloud Service Accound with access to Chronicle SIEM.
Steps

  1. Create a Service Account and Generate Keys by following the steps in the linked documentation. | Docs

  2. In the MSV console, go to Settings > Integrations. From the table, select Add Integrations > Google Chronicle Backstory.

  3. Fill out the required fields as described in the linked documentation. | Docs

Relevant Links
msv-integrations-crowdstrike.pngCrowdStrike

Crowdstrike is a leading endpoint protection platform that can be integrated with Mandiant Security Validation to provide a more holistic view of your security posture, inclusive of your endpoint devices.

 
Show More
Prerequisites

See the Relevant Links section for more documentation regarding the prerequisites.

  • Administrative access to MSV Director.
  • Administrative access to CrowdStrike.
Steps

  1. Configure Crowdstrike, by logging into your Crowdstrike console and generating an API Key from Falcon. | Docs

  2. Configure Security Validation, by navigating to Settings > Integrations > Add Integration > Crowdstrike. Fill out the required fields as described in the linked documentation. | Docs

  3. Test the integration by clicking the Test button.

Relevant Links
msv-integrations-snowflake.png Snowflake

Snowflake is a leading cloud-based data warehousing platform that can be integrated with Mandiant Security Validation to provide a more holistic view of your security posture, while also providing assurance of compliance with your security policies and regulations.

 
Show More
Prerequisites

See the Relevant Links section for more documentation regarding the prerequisites.

  • Administrative access to MSV Director.
  • Administrative access to Snowflake.
Steps

  1. Configure Snowflake, by logging into your Snowflake console and collecting the information necessary, outlined in the linked documentation. | Docs

  2. Configure Security Validation, by navigating to Settings > Integrations > Add Integration > Snowflake. Fill out the required fields as described in the linked documentation. | Docs

  3. Test the integration by clicking the Test button.

Relevant Links
 
Contributors
0 Likes
Version history
Last update:
‎10-11-2024 12:59 PM
Updated by: