Cyren Threat Intelligence
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊
| Attribute | Value |
|---|---|
| Connector ID | CyrenThreatIntel |
| Publisher | Cyren |
| Used in Solutions | CyrenThreatIntelligence |
| Collection Method | CCF |
| Connector Definition Files | Cyren_ConnectorDefinition.json |
| DCR Definition Files | Cyren_DCR.json |
| CCF Configuration | Cyren_PollerConfig.json |
| CCF Capabilities | APIKey, Paging |
| Custom Log V1 Tables | Yes 🔶 — ingests into tables with type-suffixed columns |
| Microsoft Learn | View on Learn |
Ingest IP reputation and malware URL indicators from Cyren using the Common Connector Framework (CCF).
Tables Ingested
This connector ingests data into the following tables:
| Table | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|
Cyren_Indicators_CL 🔶 |
✗ | ✓ | ✗ |
💡 Tip: Tables with Ingestion API support allow data ingestion via the Azure Monitor Data Collector API, which also enables custom transformations during ingestion.
Permissions
Resource Provider Permissions:
- Workspace (Workspace): Read and write permissions required
Custom Permissions:
- Cyren JWT Tokens: JWT tokens stored in Azure Key Vault or provided at deployment time.
Setup Instructions
⚠️ Note: These instructions were automatically generated from the connector's user interface definition file using AI and may not be fully accurate. Please verify all configuration steps in the Microsoft Sentinel portal.
1. Connect Cyren Threat Intelligence
To enable the Cyren Threat Intelligence connector, provide your JWT tokens below and click Connect.
- IP Reputation JWT Token: (password field)
- Malware URL JWT Token: (password field)
- Click 'Connect' to establish connection
For enhanced security, you can enable Key Vault integration to store and retrieve the JWT tokens.
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · Logic Apps · 📊