Updated on March 14, 2024

Bitsight ThirdPartyTrust Plugin for Log Shipper

Bitsight ThirdPartyTrust Plugin for Log Shipper

This document explains how to configure your ThirdPartyTrust integration with the Log Shipper module of the Netskope Cloud Exchange platform. This integration allows pushing alerts and events from Netskope to the ThirdPartyTrust platform.

Prerequisites

To complete this configuration, you need:

  • A Netskope tenant (or multiple, for example, production and development/test instances) that is already configured in Cloud Exchange.
  • A Netskope Cloud Exchange tenant with the Log Shipper module already configured.
  • An account on the ThirdPartyTrust platform with Admin privileges.

Workflow

  1. Get your ThirdPartyTrust API key.
  2. Configure a New Plugin Repository.
  3. Configure the ThirdPartyTrust plugin.
  4. Configure Log Shipper Business Rules for ThirdPartyTrust.
  5. Configure Log Shipper SIEM Mappings for ThirdPartyTrust.

Get your API Key from the ThirdPartyTrust Platform

  1. Go to https://app.thirdpartytrust.com and log in to an account with Admin privileges. 
  2. Go to Settings > Integrations and copy an existing API Key for later. You can also generate a new API key by clicking Generate Key.

Configure a New Plugin Repository

To add the ThirdPartyTrust plugin to your Netskope Cloud Exchange instance, you need to configure a new plugin repository. 

  1. Go to Settings > Plugin Repository and click Configure New Repository.
  2. Enter these following parameters:
  3. Click Save.

Configure the BitSight Plugin

  1. Go to Settings > Plugins, search for and select the BitSight plugin box to open the plugin creation pages.
  2. Enter a Name and select the BitSight Default Mapping, and then click Next.
  3. Enter your ThirdPartyTrust API key, and then click Save.

Configure a Log Shipper Business Rules for Bitsight

  1. Go to Log Shipper > Business Rules.
  2. Add only the page and application event_type filter values, or use the default All rule. The Bitsight plugin will only send page and application event types, discarding any other type of information.
  3. Click Save.

Configure Log Shipper SIEM Mappings for Bitsight

  1. Go to Log Shipper > SIEM Mappings and click Add SIEM Mapping.
  2. For the Source Configuration, select the Netskope CLS plugin, and for Destination Configuration, select the BitSight plugin. Select a Business Rule (or the default “All”) for this mapping.
  3. Click Save.

The information will be processed by ThirdPartyTrust daily, at night.
The Discovered Vendors tab will appear in the ThirdPartyTrust application after the first set of data is processed, so you should be able to see it the day after you configured the plugin.

Share this Doc

Bitsight ThirdPartyTrust Plugin for Log Shipper

Or copy link

In this topic ...