Cysiv Command Integration

Document created by Gloria Higley Employee on Jan 28, 2020Last modified by Gloria Higley Employee on Feb 17, 2020
Version 9Show Document
  • View in full screen mode

Cysiv Logo
Cysiv Command is a modern security operations and analytics platform. It is the foundation for Cysiv’s threat monitoring, detection, hunting, investigation, and remediation service features. It combines a number of essential technologies and functions into a single platform, leveraging a broad range of advanced data science techniques to automate the time-consuming, complex but essential activities and processes for truly effective threat detection, hunting, investigation, and remediation.

 

Cysiv Command integrates with the RSA Archer IT & Security Risk Management solution, specifically the RSA Archer Cyber Security & Breach Response use case. Cysiv Command integrates with RSA Archer Security Incidents and Incident Journal applications. This integration provides an ongoing management of incidents and security posture using RSA Archer, while allowing a MSSP (Cysiv) to provide SOC-as-a-Service and SIEM-as-a-Service.

 

Potential security incidents in Cysiv Command (co-managed SIEM with the end customers) are mirrored to RSA Archer as a means of both informing and interacting with the customer on security investigations. Case details and case comments are mirrored bi-directionally to enable the Cysiv SOC team to use Cysiv Command while customers use RSA Archer. This allows customers of the MSSP services Cysiv provides to track metrics and cases in the RSA Archer Suite, which is important as the customer may have other incidents, cases or GRC activities that are not tracked by Cysiv. RSA Archer acts as the overall security health and performance system for the customer.

 

Integration Features

Cysiv Command with RSA Archer enables organizations to:

  • Create a new RSA Archer security incident from a Cysiv Command case
  • Link a Cysiv Command case to an existing RSA Archer security incident
  • Sync Cysiv Command case comments with RSA Archer incident journal entries
  • Sync Cysiv Command case fields with RSA Archer security incident fields
  • Resolve Cysiv Command cases linked to RSA Archer security incidents and automatically trigger Cysiv Command to create a new incident journal entry noting that case has been closed and the reason for closing the case.

 

Solution and Platform Information

 

For More Information

To learn more about the Cysiv Command RSA Ready certified integration:

 

For Additional Support

To learn more about Cysiv LLC, please contact info@cysiv.com or 1.833.229.9800. For technical support questions, please contact support@cysiv.com or 1.833.229.9800.

Attachments

    Outcomes