I have an unofficial integration that leverages the excellent work by
the team on the SecOps Wrapper SDK and ported some of those to be
actions in playbooks. One of those is the ability to query Gemini in
SecOps directly from a playbook:
https://gith...
I have done this as part of a blog post I did last year:
https://medium.com/@cloudymike/building-a-screenshot-api-service-for-google-secops-soar-39cd9ad5a0ff
-mike
The Google Edition of Bindplane is included in your purchase of SecOps.
It will satisfy your requirements around collecting from different
devices (including Syslog) and then ship the logs to SecOps. Bindplane
has an option (I think it's a must-have ...
This should work and you're following a recommended path. Something to
keep in mind is that when you set up a connector on the SOAR to connect
to another SIEM instance, you will need a service account from that
instance to allow the connector to pull...