3CX DLL-Sideloading attack: What you need to know
Does Sophos provide any validity management for its API credentials, after its 36 months expiry?
If possible, how can we handle this situation with a SIEM application?
Hi, can you please clarify exactly what you are wanting validated?Ie., do you want proof that the creds can't access data post expiry?
RichardP
Program Manager, Support Readiness | CISSP | Sophos Technical SupportSupport Videos | Product Documentation | @SophosSupport | Sign up for SMS AlertsIf a post solves your question use the 'Verify Answer' link.
Hi RichardP,
I want to know when the clientId and secret code expired after 36 months then does Sophos provide any APIs to renew the clientId and secret code.
We are in progress in the integration of Sophos with SIEM. Also, how can we distinguish when the credentials are declined due to wrong or expired?
Thanks
The API token is managed through the UI - the SIEM token can be renewed there - click into it and select renew in the upper right.
An invalid auth will just return a generic 403 - we don't want to expose data through a public API like that. The Central Dashboard is the source of truth for this.