Administrators can integrate RSA Security Analytics with RSA Archer Security Operations (SecOps) to send alerts and incidents from Security Analytics to Archer for incident management and remediation.This guide provides a high-level workflow for configuring this integration.
You can integrate Security Analytics with RSA Archer SecOps to achieve the following:
- Incident Management: All incidents created in Security Analytics can be handled in Archer for complete incident management.
- Incident Remediation: Incidents are handled in Security Analytics, but the remediation tasks are optionally exported to Archer.
|Archer SecOps Version||Security Analytics 10.5 Integration||Reference|
|1.1||Event Stream Analysis (ESA) module|| |
See the Configure a Template topic in the System Configuration guide:
System Configuration > Standard Procedures > Configure Templates for Notifications > Configure a Template
|1.2||Incident Management|| |
See the Configure Integration Setting to Manage Incidents in RSA Archer Security Operations topic in the Incident Management guide:
Incident Management > System Integration > Configure Integration Setting to Manage Incidents in RSA Archer Security Operations