https://kb.solcyber.com/supported-data-sources-categories/ids-ips-utm-threat-detection/Recent content in IDS/IPS/UTM Threat Detection on SolCyber KnowledgebaseHugoenhttps://kb.solcyber.com/supported-data-sources-categories/ids-ips-utm-threat-detection/aws-guard-duty/Mon, 01 Jan 0001 00:00:00 +0000https://kb.solcyber.com/supported-data-sources-categories/ids-ips-utm-threat-detection/aws-guard-duty/<h2 id="retrieve-the-detector-id">Retrieve the Detector ID <a href="#retrieve_the_detector_id" id="retrieve_the_detector_id"></a><a class="anchor" href="#retrieve-the-detector-id">#</a></h2> <p>To find the <code>detectorId</code> in the current Region, see the <em><strong>Settings</strong></em> page in the GuardDuty console, or run the <a href="https://docs.aws.amazon.com/guardduty/latest/APIReference/API_ListDetectors.html">ListDetectors</a> API.</p> <figure><img src="https://kb.solcyber.com/assets/Screenshot 2025-08-21 at 11.54.05 AM.png" alt=""><figcaption></figcaption></figure> <p>You will need to provide the <strong>detectorID</strong> to SolCyber.</p> <h2 id="authorize-the-iam-user">Authorize the IAM User <a href="#authoriz" id="authoriz"></a><a class="anchor" href="#authorize-the-iam-user">#</a></h2> <ol> <li>Create an IAM service account to user for Securonix log ingestion. You may already have one if you have previously configured CloudTrail logs for Securonix.</li> <li>Authorize the IAM User using the steps under <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_change-permissions.html">Change permissions for an IAM user</a>. When prompted during the configuration, attach the <code>AmazonGuardDutyReadOnlyAccess</code> AWS managed policies to the authorized user.</li> <li>Copy and save the <strong>Secret Key</strong>, and <strong>Access ID</strong> and provide these values to SolCyber.</li> </ol>https://kb.solcyber.com/supported-data-sources-categories/ids-ips-utm-threat-detection/azure-security-center/Mon, 01 Jan 0001 00:00:00 +0000https://kb.solcyber.com/supported-data-sources-categories/ids-ips-utm-threat-detection/azure-security-center/<ol> <li> <p>Open the <strong>Azure Active Directory</strong> resource in the Azure Portal.</p> </li> <li> <p>Click <strong>App registrations</strong> &gt; <strong>New Registration</strong>.</p> <p><img src="https://documentation-be.securonix.com/bundle/securonix-cloud-user-guide/page/content/resources/images/active-deployment-guides/microsoft/azure-identity-protection-1.png?_LANG=enus" alt="" /></p> </li> <li> <p>Provide a name, and select the account scope to Single tenant.</p> </li> <li> <p>Click <strong>Register</strong>.</p> </li> <li> <p>Click on the new application created on the App registration screen.</p> </li> <li> <p>Copy the <strong>Client ID</strong> and <strong>Tenant ID</strong>, and then click <strong>View API permissions</strong>.</p> <p><img src="https://documentation-be.securonix.com/bundle/securonix-cloud-user-guide/page/content/resources/images/active-deployment-guides/microsoft/azure-identity-protection-2.png?_LANG=enus" alt="" /></p> </li> <li> <p>Click <strong>Add a permission</strong>, and then click the <strong>Microsoft Graph API</strong>.</p> <p><img src="https://documentation-be.securonix.com/bundle/securonix-cloud-user-guide/page/content/resources/images/active-deployment-guides/microsoft/azure-identity-protection-3.png?_LANG=enus" alt="" /></p>