Data Source Integration Definitions
integrations detections detectors
The following are definitions for normalization and detection outcomes referenced in the Secureworks® Taegis™ XDR integration documentation.
Normalized ⫘
Logs from the data source are normalized to one or more XDR schemas. This level of integration provides:
- Data retention
- Event search
- Event reporting
- Pivot and multi-schema search
Out-of-the-Box Detections ⫘
Logs from the data source are normalized to one or more XDR schemas and are compatible with XDR native detectors. Alerts may be generated by Watchlists, Tactic Graphs Detectors, and/or Advanced Detectors.
Vendor-Specific Detections ⫘
Logs from the data source are normalized to one or more XDR schemas and are compatible with detectors have been created specifically for this data source. XDR alerts may be generated by promotion of vendor alerts to Watchlists, and/or Tactic Graphs Detectors.