Previous

Next

Picus Security - Inventory

Picus Security - Threats

Picus Security - Activity

Overview

Picus Security is a security validation platform that assesses and enhances an organization’s defenses. It simulates real-world cyberattacks (e.g, phishing, malware) to evaluate security controls like firewalls, intrusion prevention systems, and endpoint security solutions.

• The Picus Security Datadog Integration allows you to collect and visualize Picus Security data as logs in Datadog. The data collected includes:

• Inventory data: Picus Agents, Integrations, Integration Agents, Mitigation Devices, Simulations.

• Threats data

• Activity data

The integration includes following ready-to-use Datadog Cloud SIEM detection rules for enhanced monitoring and security:

1. Anomalous amount of failed login attempts detected in Picus Security
2. Detection of activity from a new or suspicious location in Picus Security

Dashboards

This integration includes three out-of-the-box dashboards:

1. Picus Security - Inventory: Visualizes Picus agents, integrations, integration agents, mitigation devices, and simulations data collected at a user-defined interval_for_inventory.
2. Picus Security - Threats: Shows threat data collected at the min_collection_interval.
3. Picus Security - Activity: Monitors activities performed in the Picus Security Web Application.

Cloud SIEM Detection Rules

To enable or disable Picus Security detection rules:

1. In Datadog, navigate to Security > Cloud SIEM > Detection Rules.
2. Use the query tag:"source:crest-data-systems-picus-security" to list all the rules for Picus Security.

Validation

Run the Agent’s status subcommand and look for crest_data_systems_picus_security under the Checks section.

Alternatively, use the following command to obtain detailed information about the integration:

• Linux:

  sudo datadog-agent check crest_data_systems_picus_security --log-level debug
  

• Windows:

  "%programfiles%\Datadog\Datadog Agent\bin\agent.exe" check crest_data_systems_picus_security --log-level debug
  

Support

For support or feature requests, contact Crest Data through the following channels:

• Support: datadog.integrations@crestdata.ai
• Sales: datadog-sales@crestdata.ai
• Website: crestdata.ai
• FAQ: Crest Data Datadog Marketplace Integrations FAQ

This application is made available through the Marketplace and is supported by a Datadog Technology Partner. Click Here to purchase this application.