OpenText EnCase Endpoint Security

Version: 1.1
Updated: Jul 03, 2023

Collect evidence, create events and investigations, and issue containment actions with EnCase Endpoint Security.

Actions

  • Collect Data (Enrichment) - Collect data from an endpoint as evidence during an investigation.
  • Collect Memory (Enrichment) - Collect memory from an endpoint as evidence during an investigation.
  • Collect Timeline (Enrichment) - Collect a timeline of events from an endpoint as evidence during an investigation.
  • Find Items of Interest (Enrichment) - Search for items of interest to an investigation.
  • List Investigations (Enrichment) - Gather a list of all investigations.
  • Create Event (Notification) - Create a new event.
  • Create Investigation (Notification) - Create a new investigation.
  • Create Snapshot (Containment) - Create a new snapshot.
  • Ban Hash (Containment) - Ban a file.
  • Quarantine (Containment) - Quarantine a host.

Configure OpenText EnCase Endpoint Security in Automation Service and Cloud SOAR

Before you can use the integration, you must configure it so that the vendor can communicate with Sumo Logic. For general guidance, see Configure Authentication for Integrations.

Change Log

  • October 3, 2019 - First upload
  • July 3, 2023 (v1.1) - Updated the integration with Environmental Variables

Copyright © 2025 by Sumo Logic, Inc.