Kela RaDark

Version: 1.1
Updated: Jul 03, 2023

KELA's RADARK delivers automated threat intelligence, cultivating the targeted and contextualized insights that you need to stay ahead of attackers. Automatically monitor your environment and ensure that targeted threats are mitigated immediately to consistently maintain a strong security posture.

Actions

• List Incidents (Enrichment) - Returns a list of incidents matching it.
• Scrolling Incidents (Enrichment) - Get the next bulk of incidents from List Incidents action.
• Get Incident Details (Enrichment) - Get a specific incident.
• Update Kela RaDark Incident (Containment) - Updating an Incident.

Kela RaDark configuration

1. Sign in Kela RaDark using your username and password.
2. The API token can be generated through the RADARK UI, under the user menu - Generate Api Key.
3. Make sure you copy and save the api token.
   

Configure Kela RaDark in Automation Service and Cloud SOAR

Before you can use the integration, you must configure it so that the vendor can communicate with Sumo Logic. For general guidance, see Configure Authentication for Integrations.

1. Access integrations in the Automation Service or Cloud SOAR.
2. After the list of the integrations appears, search/look for the integration and click on the row.
3. The integration details will appear. Click on the "+" button to add new Resource.
   
4. Populate all the required fields (*).
5. In the API Key field, insert the previously copied key.
6. Click Save.
   
7. To make sure the resource is working, hover over the resource and then click the pencil icon that appears on the right.
   
8. Click TEST SAVED SETTINGS.
   
9. You should receive a successful notification in the bottom right corner.
   

Change Log

• July 3, 2023 (v1.1) - Updated the integration with Environmental Variables