Back to binalyze.com
Search…
Welcome
AIR
AIR
Introduction
Setup
Update
Features
Integrations
FAQ
AIR SSL Enforcement
AIR agent troubleshooting
What ports are used by AIR?
How many endpoints can connect to a single Console instance?
How do I enable SSL on AIR?
Can I use AIR with EDR/XDR Products?
Can I integrate AIR with my SOAR/SIEM?
What (sub)domains are used by AIR?
Docker & Host System IP Conflict
Monitoring Agent and UI API's
How do I update AIR Console?
How do I update endpoints?
How to reset the password of a user via the AIR-CLI?
Anything missing?
TACTICAL
TACTICAL
What is TACTICAL?
Running TACTICAL from command line
Command Line Options
Evidence Types
Artifact Types
Command Line Examples
Exit Codes
Download TACTICAL
TACTICAL for Chrome
DRONE
DRONE
Introduction
How to use it?
Settings
Reporting
Features
Download DRONE
General
Licenses
Powered By GitBook
Can I integrate AIR with my SOAR/SIEM?
Integrating AIR with SOAR/SIEM
AIR can be triggered by your SIEM/SOAR product without human intervention. This makes it a perfect match for responding to alerts you receive from these solutions.
Communication with SIEM products is bi-directional. So, AIR not only receives alerts/triggers from your SIEM but also reports the actions it performed back to it via Syslog Protocol.
Previous
Can I use AIR with EDR/XDR Products?
Next
What (sub)domains are used by AIR?
Last modified 8mo ago
Copy link