ITDR

Enrichment Configuration Guide for Joe Sandbox

This configuration guide provides information on prerequisites and how to integrate Zscaler ITDR with Joe Sandbox to enhance events that are generated in the Zscaler ITDR Admin Portal with additional context.

Joe Sandbox is a cloud-based malware sandbox that detects and analyzes malware samples. You can send malware files to Joe Sandbox for testing and download reports for further analysis.

Prerequisites

Before you configure enrichment integration, ensure that you have:

Network connectivity from the ITDR Admin Portal to the Joe Sandbox API server.
An active Joe Sandbox account.
Obtained the Joe Sandbox API key. In the Joe Sandbox console, go to User Settings > API Key to obtain the API key.

Configuring Enrichment Integration with Joe Sandbox

To configure enrichment integration with Joe Sandbox:

Go to Orchestrate > Enrich.
Locate Joe Sandbox in the table, and click the Edit icon under the Actions column.
See image.
Close
In the Joe Sandbox window:
1. Select Enabled.
2. Enter the API key.
See image.
Close
Click Save.
Enrichment integration with Joe Sandbox is enabled.

ITDR

Enrichment Configuration Guide for Joe Sandbox

Prerequisites

Configuring Enrichment Integration with Joe Sandbox

Was this article helpful? Click an icon below to submit feedback.

Related Articles