CYFIRMA Attack Surface
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
| Attribute | Value |
|---|---|
| Connector ID | CyfirmaAttackSurfaceAlertsConnector |
| Publisher | Microsoft |
| Used in Solutions | Cyfirma Attack Surface |
| Collection Method | CCF |
| Connector Definition Files | CyfirmaASAlerts_DataConnectorDefinition.json |
| CCF Configuration | CyfirmaASAlerts_PollerConfig.json |
| CCF Capabilities | APIKey |
Tables Ingested
This connector ingests data into the following tables:
| Table | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|
CyfirmaASCertificatesAlerts_CL |
? | ✓ | ? |
CyfirmaASCloudWeaknessAlerts_CL |
? | ✓ | ? |
CyfirmaASConfigurationAlerts_CL |
? | ✓ | ? |
CyfirmaASDomainIPReputationAlerts_CL |
? | ✓ | ? |
CyfirmaASDomainIPVulnerabilityAlerts_CL |
? | ✓ | ? |
CyfirmaASOpenPortsAlerts_CL |
? | ✓ | ? |
💡 Tip: Tables with Ingestion API support allow data ingestion via the Azure Monitor Data Collector API, which also enables custom transformations during ingestion.
Permissions
Resource Provider Permissions: - Workspace (Workspace): Read and Write permissions are required.
Setup Instructions
⚠️ Note: These instructions were automatically generated from the connector's user interface definition file using AI and may not be fully accurate. Please verify all configuration steps in the Microsoft Sentinel portal.
1. CYFIRMA Attack Surface
Connect to CYFIRMA Attack Surface to ingest alerts into Microsoft Sentinel. This connector uses the DeCYFIR/DeTCT API to retrieve logs and supports DCR-based ingestion time transformations, parsing security data into custom tables during ingestion. This eliminates the need for query-time parsing, enhancing performance and efficiency. - CYFIRMA API URL: https://decyfir.cyfirma.com - CYFIRMA API Key: (password field) - API Delta: API Delta - Click 'Connect' to establish connection
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊