This configuration guide provides information on prerequisites and how to integrate Zscaler ITDR with Hybrid Analysis to enhance security events generated in the Zscaler ITDR Admin Portal with additional context.

Hybrid Analysis detects and analyzes unknown threats using a file analysis approach. The analyzed data is processed and integrated into the malware analysis reports. You can send malware files to the Hybrid Analysis sandbox for testing and download reports for further analysis.

Prerequisites

Before you configure enrichment integration, ensure that you have:

• Network connectivity from the ITDR Admin Portal to the Hybrid Analysis server.
• An active Hybrid Analysis account.

• A valid Hybrid Analysis API key. To learn more, refer to the Hybrid Analysis documentation.

  See image.

  

  Close

Configuring Enrichment Integration with Hybrid Analysis

To configure enrichment integration with Hybrid Analysis:

1. Go to Orchestrate > Enrich.

2. Locate Hybrid Analysis in the table, and click the Edit icon under the Actions column.

   See image.

   

   Close

3. In the Hybrid Analysis window:

   1. Select Enabled.
   2. Enter the API key.

   See image.

   

   Close

4. Click Save.

   Enrichment integration with Hybrid Analysis is enabled.