Secure privileges for service, application, root and administrator accounts across your enterprise.
Delinea Secret Server
(Formly known as "Thycotic Software Secret Server")
This pack includes XSIAM content.
Secret Server is the only fully featured Privileged Account Management (PAM) solution available both on premise and in the cloud. It empowers security and IT ops teams to secure and manage all types of privileged accounts and offers the fastest time to value of any PAM solution. Palo Alto Networks and Delinea integrations allow you to manage credentials for applications, databases, CI/CD tools, and services without causing friction in the development process
This integration allows to secure privileges for service, application, root and administrator accounts across the enterprise. This updated package has the following:
- Obtain a secret with the required fields for subsequent authentication
- Methods for working with objects Secret: create, update, search, delete, check-in/check-out
- Methods for working with objects Folder: create, update, search, delete
- Methods for working with objects Users: create, update, search, delete
- Fetch updated data from secret for usage in owner automate process.
Delinea Secret Server
(Formly known as "Thycotic Software Secret Server")
This pack includes XSIAM content.
Secret Server is the only fully featured Privileged Account Management (PAM) solution available both on premise and in the cloud. It empowers security and IT ops teams to secure and manage all types of privileged accounts and offers the fastest time to value of any PAM solution. Palo Alto Networks and Delinea integrations allow you to manage credentials for applications, databases, CI/CD tools, and services without causing friction in the development process
This integration allows to secure privileges for service, application, root and administrator accounts across the enterprise. This updated package has the following:
- Obtain a secret with the required fields for subsequent authentication
- Methods for working with objects Secret: create, update, search, delete, check-in/check-out
- Methods for working with objects Folder: create, update, search, delete
- Methods for working with objects Users: create, update, search, delete
- Fetch updated data from secret for usage in owner automate process.
Configuration on Server Side
Navigate to Admin > Configuration.
Click the General tab.
Click the Edit button at the bottom of the page.
Go to the Application Settings section.
Click to select the Enable Syslog/CEF Logging checkbox. A syslog/CEF section will appear.
Type the IP address or name for the XSIAM broker VM in the Syslog/CEF Server text box.
Type the port number where the logging information will be passed (6514 is the default port for secure TCP syslog) in the Syslog/CEF Port text box.
Click the Syslog/CEF Protocol dropdown list and select Secure TCP. Secure TCP means either TLS v1.2 or v1.1 because other versions of SSL, such as SSL v3 and TLS v1.0, have known weaknesses.
Click to select Syslog/CEF Time Zone list box to UTC Time or Server Time, depending on your preference.
Click the Save button.
More information on SIEM integrations can be found here and here
Collect Events from Vendor
In order to use the collector, use the Broker VM option.
Broker VM
To create or configure the Broker VM, use the information described here.
You can configure the specific vendor and product for this instance.
- Navigate to Settings > Configuration > Data Broker > Broker VMs.
- Right-click and select Syslog Collector > Configure.
- When configuring the Syslog Collector, set the following values:
- vendor as vendor - thycotic_software
- product as product - secret_server