Third-party Integrations with Advanced UEBA

Third-party Integrations with Advanced UEBA

Using the REST API to Ingest External Alerts

By using the REST API, organizations that have detections from other platforms can consume the alerts to impact the UCI. The documentation for this API endpoint can be found here.

Using the REST API to Share UCI

Admins can export the UCI to share with other platforms via the REST endpoint.

POST /api/v2/incidents/uba/getuci

The documentation for this endpoint can be found in the REST API v2 docs in the Netskope UI.

Using Cloud Exchange to Share UCI

Users’ scores can be shared with other platforms using Cloud Risk Exchange. UCI can also drive CTO (Cloud Ticket Orchestrator) to automate workflow for investigations.