ITDR
About Enrichment Integration
You can integrate Zscaler ITDR with various third-party data enrichment solutions to add relevant contextual information to the security events that are generated in the Zscaler ITDR Admin Portal.
Enrichment integration provides the following benefits and enables you to:
- Obtain meaningful insights into the security event logs generated in the ITDR Admin Portal. For example, events can be enriched with contextual information from geolocation tools, third-party threat intelligence databases, sandbox analysis reports, etc.
- Reduce false positives, which allows you to manage security threats efficiently.
About the Enrich Page
On the Enrich page (Orchestrate > Enrich), you can do the following:
- View a list of all configured enrichment integrations. For each integration, you can see:
- Enabled: Indicates if the enrichment integration is enabled or not.
- Settings: The name of the third-party security solution.
- Configure enrichment integrations on the following supported solutions: