
Infocyte collector

Service description

Veteran-founded Infocyte is the only Managed Detection and Response (MDR) provider solely focused on detection and response, enabling you to deploy it with your existing Endpoint Protection Platform (EPP) investments or MS Defender. Infocyte also provides Microsoft 365 Security within its platform, making compliance simple.

Infocyte guarantees that we will respond to a security event in 60 minutes or less. We help keep your events from becoming incidents.

Data source description

| Data source | Data table | Collector service | Remote endpoint | Description |
|---|---|---|---|---|
| AlertDetails | mdr.infocyte.alertdetails | alert_details | https://{subdomain}.infocyte.com/api/AlertDetails | The AlertDetails endpoint finds all alert instances of the model matched by filter from the remote data source. |

Vendor setup

In order to configure the Devo | Infocyte Collector, you need to create an API token that will be used to authenticate API requests.

  1. Log in to your Infocyte console.

  2. Create an API token in the Web Console in your profile or Admin panel.

Run the collector

Once the data source is configured, you can either send us the required information if you want us to host and manage the collector for you (Cloud collector), or deploy and host the collector on your own machine using a Docker image (On-premise collector).

Change Log for 1.x.x

| Release | Released on | Release type | Details | Recommendations |
|---|---|---|---|---|
| v1.3.0 | Sep 11, 2023 | IMPROVEMENT | Improvements: Updated DCSDK from 1.4.1 to 1.9.2. | Recommended version |
| v1.2.0 | Jun 24, 2022 | NEW FEATURE, IMPROVEMENT | This release includes the following changes: resilience has been improved with a new feature that restarts the collector when the Devo connection is lost and cannot be recovered; all critical and high vulnerabilities have been mitigated. | Update |