Comodo Help
Find the desired product help
SOCaaP

SOCaaP

Version 2.2

English

Print Help
SOCaaP XDR
  • Introduction
    • Logging-in To The SOCaaP Console
  • Dashboard Overview
    • Summary
    • Alerts,Incidents And Website Vulnerabilities
    • Customer Health
  • SOCaaP Alerts/Escalations
    • Log-in To The Admin Console
    • The Home Screen
    • Service Summary
    • Incidents Overview
      • Incidents
      • Threat Summary
    • Log Collection Summary
    • Threat Communication Graph
    • Tickets
    • Reports
    • Notification Settings
    • Integrate Your Office 365 Account With SOCaaP
  • SOCaaP XDR
    • Log-in To The Admin Console
    • The Main Interface
    • Eveny Query
      • Configure Event Queries
    • Report Generation
    • Administration
      • Event Collection
      • Phantom Settings
      • Manage Users
    • Appendix 1 – Field Groups And Event Items Description
    • Appendix 2 –SOCaaP Supported Logs
  • SOCaaP Web Protection
    • Add Websites
    • The Main Interface
    • The Dashboard
    • Website Data And Settings
      • Website Overview
      • Security Scans
        • Website Scans
        • Website Files Security Scans
          • Malware Scan Settings
            • Automatic Configuration
            • Manual Configuration
          • Run A Scan And View Results
          • Notifications, Malware Removal And Scheduled Scans
        • Vulnerability Scans
          • CMS Vulnerability Scans
          • OWASP Top 10 Vulnerability Scans
      • Content Delivery Network
        • Activate CDN For A Website
        • CDN Settings
        • View CDN Metrics
      • Firewall
        • WAF Statistics
        • WAF Events
        • Configure WAF Policies
        • Manage Custom Firewall Rules
      • SSL Configuration
      • DNS Configuration
      • Add Trust Seal To Your Websites
      • Back Up Your Website
        • Backup Settings
        • On-Demand Backup
        • View Backup Records And File Statistics
        • Restore And Download Website Files
        • Delete Backups
    • Manage Your Profile
  • Sensor Installation
    • Requirements
    • (Option 1) Create Installation Media
    • (Option 2) Deploy Virtual Machine Environment
      • Create A New Virtual Machine
      • Configure Memory Size
      • Configure Hard Disk
      • Configure Hard Disk File Type
      • Configure Storage On Physical Hard Disk
      • Configure Size Of Virtual Hard Disk
      • Configure Network Settings
      • Select VM Startup Disk
    • Sensor Installation Steps
    • Sensor Configuration Steps
      • Login To The Web Portal
      • User Settings
      • Configure Network
      • Configure Timezone
      • Key Activation
      • (Optional) Valkyrie Key Verdict
      • (Optional) Forward Log
  • Frequently Asked Questions
  • About Xcitium Security Solutions

SOCaaP XDR


SOCaaP is a security intelligence and event management product (XDR) built exclusively for MSPs to help them grow their business. SOCaaP features advanced event log monitoring, built-in reporting, multiple pre-set queries, a powerful custom-query interface, automatic assignment of incidents to personnel, customizable dashboards and real-time alerts. SOCaaP multi-tenancy architecture enables MSPs to manage their customers from a single deployment and benefit from "big data" scalability as their log sizes increase.

XDR 

XDR: “extended Detection and Response” is a capability that arose from the needs of SOC teams and threat hunters. It not only delivers visibility into data across networks, cloud and endpoints, but also provides chaining of the missing pieces all together, adding the context and creating traceable events of actions between various sources and dimensions of telemetry data. With XDR the security teams should be able to: 





Features

        1.Use it effectively for their daily threat hunting tasks using automated analysis, data pivoting, baselining etc. 

        2.Seeing the context of the data sources and relationship between different alerts 

        3.Merge different context of information into common model, correlate them, track hidden threats. 

        4.Collaborate over cases and increase the productivity of the people operating the SOC. 

        5.Close investigations more quickly and efficiently.


    Guide Structure

    This guide is intended to take you through the configuration and use of SOCaaP and is broken down into the following main sections.
    • SOCaaP SIEM
    • Log-in to the Admin Console 
      • The Main Interface
        • The Dashboard
        • Customer Asset Management
        • Add Customers
        • Add Assets for Monitoring
        • Configure Nxlog and Rsyslog to Send Logs to SOCaaP Server
        • Edit Customers
        • Query Management
        • Configure Event Queries
        • Long Term Analysis
        • Configure Custom Dashboards
        • Event Field Selection Settings
          • Manage Rules
          • Manage Correlation Rules
          • Manage Tagged Rules

          • Manage Aggregation Rules
          • Incidents
          • Manage Incidents
          • Incident Category Management
          • Category Action Management
              • Lists
              • Manage Live Lists
              • Manage Live List Content
              • Manage Range List Content
              • Manage IP Range List Content
              • Manage Multiple Column Lists Content
                • Manage Reports
                • Administration
                • Event Collection
                • Phantom Settings
                • Manage Users
                • View License and Subscription Details
                • Appendix 1 - Field Groups and Event Items Description
                • Appendix 2 – SOCaaP Supported Logs
                Our Products
                • Free Antivirus
                • Free Internet Security
                • Website Malware Removal
                • Free Anti-Malware
                • Anti-Spam (Free Trial)
                • Windows Antivirus
                • Antivirus for Windows 7
                • Antivirus for Windows 8
                • Antivirus for Windows 10
                • Antivirus for MAC
                • Antivirus for Linux
                • Free Endpoint Security
                • Free ModSecurity
                • Free RMM
                • Free Website Malware Scanner
                • Free Device Manager for Android
                • Free Demo
                • Network Security
                • Endpoint Protection
                • Antivirus for Android
                • Comodo Antivirus
                • Wordpress Security
                Cheap CDN
                • Bootstrap CDN
                • Semantic UI CDN
                • Jquery CDN
                • CDN Plans
                • CDN
                • Free CDN
                Enterprise
                • Patch Management Software
                • Patch Manager
                • Service Desk
                • Website Down
                • Endpoint Protection Solutions
                • Website Security Check
                • Remote Monitoring and Management
                • Website Security
                • Device Manager
                • ITSM
                • CRM
                • MSP
                • Android Device Manager
                • MDR Services
                • Managed IT Support Services
                • Free EDR
                Free SSL Certificate
                Support Partners Terms and Conditions Privacy Policy

                © Comodo Group, Inc. 2025. All rights reserved.