icon-itdr.svg
ITDR

About Enrichment Integration

You can integrate Zscaler ITDR with various third-party data enrichment solutions to add relevant contextual information to the security events that are generated in the Zscaler ITDR Admin Portal.

Enrichment integration provides the following benefits and enables you to:

  • Obtain meaningful insights into the security event logs generated in the ITDR Admin Portal. For example, events can be enriched with contextual information from geolocation tools, third-party threat intelligence databases, sandbox analysis reports, etc.
  • Reduce false positives, which allows you to manage security threats efficiently.

About the Enrich Page

On the Enrich page (Orchestrate > Enrich), you can do the following:

  1. View a list of all configured enrichment integrations. For each integration, you can see:
    • Enabled: Indicates if the enrichment integration is enabled or not.
    • Settings: The name of the third-party security solution.
  2. Configure enrichment integrations on the following supported solutions:

Related Articles
About Enrichment IntegrationEnrichment Configuration Guide for Hybrid AnalysisEnrichment Configuration Guide for Joe SandboxEnrichment Configuration Guide for Palo Alto Networks WildFireEnrichment Configuration Guide for ShadowserverEnrichment Configuration Guide for VirusTotal