Digital Shadows Integration and Consumption Data Sheet


Upload: digital-shadows

Post on 09-Jan-2017


Digital Shadows SearchLight™

Integration and Consumption

Overview
• RESTful API.
• Easy integrations with SIEM platforms.
• Custom transforms for enhanced visualizations.

Disseminating curated and relevant intelligence to clients is one of the most important aspects of Digital Shadows SearchLight™. To achieve maximum benefit, organizations must be able to easily integrate this intelligence with the security solutions in their existing infrastructure so that they can take protective action and remediate more quickly. While portal and email-based alerts are available, SearchLight has many integration options:

RESTful API
• Content published in the SearchLight portal is also available via our HTTP REST-based API.
• Based on JavaScript Object Notation (JSON).
• Data model is also based on STIX.

SIEM Integration
• Data format ensures that SIEM platforms, such as Splunk and ArcSight, can easily consume incidents, intelligence, and alerts.
• Security teams are able to act faster and earlier on emerging threats, equipped with greater context and insight.

Visualization and Investigation
• Enhanced visualization of this information is also available through the transforms developed with Maltego and ThreatConnect.
• Identify trends, patterns and commonalities - ultimately making more informed decisions.

Benefits
• Make the most of the tools you have in place.
• Act faster and earlier with more relevant context and insight.
• Identify emerging trends and patterns.

London
Level 39, One Canada Square, London, E14 5AB
+44 (0) 203 393 7001

San Francisco
535 Mission St, Fl. 14, San Francisco, CA 94105
+1 (888) 889 4143

[email protected]

www.digitalshadows.com | @digitalshadows