HudsonRock Cavalier
Version: 1.0
Updated: Feb 03, 2023
HudsonRock Cavalier is a cybercrime intelligence data source composed of millions of machines compromised in global malware spreading campaigns. It is based on forensic technologies and operational know-how developed at the IDF's 8200 Unit to counter nation-state adversaries and professional threat-actors.
Actions
- End User Protection (Enrichment) - Retrieve compromised computers for a given list of end users.
- Domain Intelligence (Enrichment) - Retrieve compromised computers for given domains.
- IP Intelligence (Enrichment) - Retrieve compromised computers for a given IP.
- Assets Intelligence (Enrichment) - Retrieve compromised computers for a given operating system.
- Third Party Risk Assessment (Enrichment) - Retrieve risk statistics for a given third party.
Configure HudsonRock Cavalier in Automation Service and Cloud SOAR
Before you can use the integration, you must configure it so that the vendor can communicate with Sumo Logic. For general guidance, see Configure Authentication for Integrations.
- Access App Central and install the integration.
- Select the installed integration in the Integrations page.
Classic UI. In the main Sumo Logic menu, select Automation and then select Integrations in the left nav bar.
New UI. In the main Sumo Logic menu, select Automation > Integrations. You can also click the Go To... menu at the top of the screen and select Integrations. - Select the integration.
- Hover over the resource name and click the Edit button that appears.
- In the Add Resource dialog, enter the authentication needed by the resource. When done, click TEST to test the configuration, and click SAVE to save the configuration.
- Label. The desired name for the resource.
- URL. Your HudsonRock URL.
- API Key. Your HudsonRock API Key you copied earlier from HudsonRock.
For information about HudsonRock, see HudsonRock documentation.
Change Log
- February 3, 2023 - First upload