ITDR
Enrichment Configuration Guide for Hybrid Analysis
This configuration guide describes the prerequisites and the steps for integrating Zscaler ITDR with Hybrid Analysis, so that security events generated in the Zscaler ITDR Admin Portal are enriched with additional context.
Hybrid Analysis detects and analyzes unknown threats using a file analysis approach. The analyzed data is processed and integrated into the malware analysis reports. You can send malware files to the Hybrid Analysis sandbox for testing and download reports for further analysis.
Prerequisites
Before you configure enrichment integration, ensure that you have:
- Network connectivity from the ITDR Admin Portal to the Hybrid Analysis server.
- An active Hybrid Analysis account.
- A valid Hybrid Analysis API key. To learn more, refer to the Hybrid Analysis documentation.
Configuring Enrichment Integration with Hybrid Analysis
To configure enrichment integration with Hybrid Analysis:
- Go to Orchestrate > Enrich.
- Locate Hybrid Analysis in the table, and click the Edit icon under the Actions column.
- In the Hybrid Analysis window:
  - Select Enabled.
  - Enter the API key.
- Click Save.
Enrichment integration with Hybrid Analysis is enabled.