Back to binalyze.com
Search…
Welcome
AIR
AIR
Introduction
Setup
Features
Integrations
FAQ
AIR agent troubleshooting
What ports are used by AIR?
How many endpoints can connect to a single Console instance?
How do I enable SSL on AIR?
Can I use AIR with EDR/XDR Products?
Can I integrate AIR with my SOAR/SIEM?
What (sub)domains are used by AIR?
How do I update AIR Console?
How do I update endpoints?
Anything missing?
TACTICAL
TACTICAL
What is TACTICAL?
Running TACTICAL from command line
Command Line Options
Evidence Types
Artifact Types
Command Line Examples
Exit Codes
DRONE
DRONE
Introduction
How to use it?
Settings
Reporting
Features
General
Licenses
Powered By GitBook
Can I integrate AIR with my SOAR/SIEM?
AIR can be triggered by your SIEM/SOAR product without human intervention. This makes it a perfect match for responding to alerts you receive from these solutions.
Communication with SIEM products is bi-directional. So, AIR not only receives alerts/triggers from your SIEM but also reports the actions it performed back to it via Syslog Protocol.
Previous
Can I use AIR with EDR/XDR Products?
Next
What (sub)domains are used by AIR?
Last modified 1mo ago
Copy link