Hi all,
I'm asking if there is a way to interact with ZTNA events through Sophos Central API?
I've done some research on developer.sophos.com/apis, but ZTNA does not seem to be referenced yet.
This thread was automatically locked due to age.
Hi all,
I'm asking if there is a way to interact with ZTNA events through Sophos Central API?
I've done some research on developer.sophos.com/apis, but ZTNA does not seem to be referenced yet.
You could do XDR Queries, which include data from ZTNA.
https://news.sophos.com/en-us/2021/09/20/ioc-hunting-expanding-reach-with-sophos-central-xdr-api/
You could check the SIEM Integration of Central itself: https://support.sophos.com/support/s/article/KB-000036372?language=en_US
__________________________________________________________________________________________________________________
You could do XDR Queries, which include data from ZTNA.
https://news.sophos.com/en-us/2021/09/20/ioc-hunting-expanding-reach-with-sophos-central-xdr-api/
You could check the SIEM Integration of Central itself: https://support.sophos.com/support/s/article/KB-000036372?language=en_US
__________________________________________________________________________________________________________________