Third-party Integrations with Advanced UEBA
Third-party Integrations with Advanced UEBA
Using the REST API to Ingest External Alerts
By using the REST API, organizations that have detections from other platforms can consume the alerts to impact the UCI. The documentation for this API endpoint can be found here.
Using the REST API to Share UCI
Admins can export the UCI to share with other platforms via the REST endpoint.
POST /api/v2/incidents/uba/getuci
The documentation for this endpoint can be found in the REST API v2 docs in the Netskope UI.
Using Cloud Exchange to Share UCI
Users’ scores can be shared with other platforms using Cloud Risk Exchange. UCI can also drive CTO (Cloud Ticket Orchestrator) to automate workflow for investigations.