Sophos Central
Integrating Sophos Central with ThreatDefence
This guide provides steps to enable SophosCentral API access in your ThreatDefence SIEM.
Step 1: Configuration in SophosCentral Management Console:
- Access Sophos Central Admin:
- Log in to Sophos Central Admin with administrative credentials.
- Navigate to API Credentials Management:
- Go to Global Settings > API Credentials Management page within Sophos Central Admin.
- Add New Credential:
- Click on "Add Credential" from the top-right corner of the screen.
- Provide a Credential name and select the appropriate role.
- Optionally, add a description for the credential.
- Click "Add" to create the API credential. The API credential Summary will be displayed.
- Show Client Secret:
- Click on "Show Client Secret" to reveal the Client Secret associated with the created credential.
- Generate API Key:
- Go to your profile by clicking on your account email address (located in the upper-right corner) and select "My Profile."
- Generate the API key from your profile settings.
Step 2: Configuration in ThreatDefence
1. Provide ThreatDefence with Client Information:
-
Provide the following information to your ThreatDefence representative at support [at] threatdefence.com:
- Client ID
- Client Secret
If you have any questions or need further assistance, please feel free to contact us at support [at] threatdefence.com