
Cloud Watchlist



The Cloud Watchlist detector converts events sourced from security providers monitoring public cloud assets into Taegis™ XDR alerts. The converted alerts are assigned a severity and confidence based on the activity observed and Secureworks® Taegis™ XDR alert severity and confidence specifications. The original provider severity and confidence can also be referenced in the original event data as needed. The following integrations are currently handled by the Cloud Watchlist detector:

Examples of security threats that can be sourced from third-party providers include:

Input(s)

Microsoft Graph Security

Schema

Third party Alerts

Input Field(s)

Field
provider
sensor_type
status
title
vendor_severity

Outputs

Alerts pushed to the Taegis™ XDR Alert Database and Taegis™ XDR Dashboard.

Configuration Options

None

Detector Requirements

 
