XSOAR Security Management

XSOAR

XSOAR is an extended security orchestration, automation and response platform with native threat intel management.

By installing the Humio Add-on in XSOAR, XSOAR can be configured to automatically:

  • Query Humio for incidents.

  • Enrich incidents with additional contextual data.

  • Respond to incidents by setting up new Humio alerts.

Installation

You can integrate Humio and XSOAR by installing the Humio add-on in your XSOAR system, which is located under Settings ‣ Integrations ‣ Servers & Services page in XSOAR under the name Humio.

Here you will need to add a Humio instance and configure it as described in XSOAR’s Documenation on Humio Integration. Configuration requires an API key for your Humio instance, which is located under the /settings page in the Humio UI. Example https://cloud.humio.com/settings.