This topic provides a brief overview of how Security Analytics is integrated with RSA Archer Security Operations (SecOps). It provides a high-level workflow of how you can configure Security Analytics to send alerts and incidents to Archer for incident management and remediation.
You can integrate Security Analytics with RSA Archer SecOps to achieve the following:
- Incident Management: All incident created in Security Analytics can be handled in Archer for complete incident management.
- Incident Remediation: Incidents are handled in Security Analytics, but the remediation tasks are optionally exported to Archer.
Integration with Archer SecOps:
|Archer SecOps Version||Security Analytics 10.5 Integration||Reference|
|1.1||Event Stream Analysis (ESA) module||Configure a Template, in the System Configuration Guide|
|1.2||Incident Management||Configure Integration Setting to Manage Incidents in RSA Archer Security Operations, in the Incident Management Guide|