This website uses cookies. By clicking OK, you consent to the use of cookies. Click Here to learn more about how we use cookies.
OK
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

Archer® Exchange Documentation

Browse the official Archer Exchange documentation for helpful tutorials, step-by-step instructions, and other valuable resources.

Cysiv Command Integration

Cysiv_Logo_300px.jpg
Cysiv Command is a modern security operations and analytics platform. It is the foundation for Cysiv’s threat monitoring, detection, hunting, investigation, and remediation service features. It combines a number of essential technologies and functions into a single platform, leveraging a broad range of advanced data science techniques to automate the time-consuming, complex but essential activities and processes for truly effective threat detection, hunting, investigation, and remediation.

 

Cysiv Command integrates with the RSA Archer IT & Security Risk Management solution, specifically the RSA Archer Cyber Security & Breach Response use case. Cysiv Command integrates with RSA Archer Security Incidents and Incident Journal applications. This integration provides an ongoing management of incidents and security posture using RSA Archer, while allowing a MSSP (Cysiv) to provide SOC-as-a-Service and SIEM-as-a-Service.

 

Potential security incidents in Cysiv Command (co-managed SIEM with the end customers) are mirrored to RSA Archer as a means of both informing and interacting with the customer on security investigations. Case details and case comments are mirrored bi-directionally to enable the Cysiv SOC team to use Cysiv Command while customers use RSA Archer. This allows customers of the MSSP services Cysiv provides to track metrics and cases in the RSA Archer Suite, which is important as the customer may have other incidents, cases or GRC activities that are not tracked by Cysiv. RSA Archer acts as the overall security health and performance system for the customer.

 

Integration Features

Cysiv Command with RSA Archer enables organizations to:

  • Create a new RSA Archer security incident from a Cysiv Command case
  • Link a Cysiv Command case to an existing RSA Archer security incident
  • Sync Cysiv Command case comments with RSA Archer incident journal entries
  • Sync Cysiv Command case fields with RSA Archer security incident fields

  • Resolve Cysiv Command cases linked to RSA Archer security incidents and automatically trigger Cysiv Command to create a new incident journal entry noting that case has been closed and the reason for closing the case.

 

Solution and Platform Information

 

For More Information

To learn more about the Cysiv Command RSA Ready certified integration:

 

For Additional Support

To learn more about Cysiv LLC, please contact info@cysiv.com or 1.833.229.9800. For technical support questions, please contact support@cysiv.com or 1.833.229.9800.

Labels (1)
Labels:
0 Likes
Was this article helpful? Yes No
No ratings
Version history
Last update:
‎2020-01-28 04:26 PM
Updated by:
Valued Contributor Valued Contributor
Contributors

Related Content

Article Dashboard
© 2021 RSA Security LLC or its affiliates.
All rights reserved.