Infocyte collector
Service description
Veteran-founded Infocyte is the only Managed Detection and Response (MDR) provider solely focused on detection and response, enabling you to deploy it with your existing Endpoint Protection Platform (EPP) investments or MS Defender. Infocyte also provides Microsoft 365 Security within its platform, making compliance simple.
Infocyte guarantees that we will respond to a security event in 60 minutes or less. We help keep your events from becoming incidents.
Data source description
Data source | AlertDetails |
---|---|
Data table | |
Collector service | alert_details |
Remote endpoint | |
Description | The AlertDetails endpoint returns all alert instances of the model that match the filter from the remote data source. |
Vendor setup
To configure the Devo | Infocyte Collector, you need to create an API token that will be used to authenticate API requests.
Log in to your Infocyte console.
Create an API token in the Web Console in your profile or Admin panel.
Run the collector
Once the data source is configured, you can either send us the required information if you want us to host and manage the collector for you (Cloud collector), or deploy and host the collector on your own machine using a Docker image (On-premise collector).