BlockAPT

The added value

ESET PROTECT combines antimalware scanning, spam filtering, anti-phishing, and proactive threat defense to protect organizations against infections and targeted attacks. With advanced threat detection, it actively stops emerging threats before they can cause harm.

BlockAPT provides a centralized security management platform with advanced technology for seamless IT infrastructure management, enhanced cyber protection, and minimized potential risk exposure.

The ESET PROTECT and BlockAPT integration delivers a comprehensive cybersecurity solution that provides the following benefits:

•Accelerated threat detection—Leverage advanced correlation and automated analysis to identify threats in real time, reducing Mean-Time-To-Detect (MTTD) times across your environment.

•Enhanced incident response—Streamline remediation workflows through orchestrated actions and automated playbooks, significantly decreasing security incidents' Mean-Time-To-Respond (MTTR) times.

•Optimized security operations—Eliminate manual tasks through intelligent automation, enabling security teams to focus on strategic initiatives rather than routine operations.

•Comprehensive risk reduction—Strengthen the security posture through unified visibility, centralized management, automated controls and advanced defense mechanisms that minimize exposure to cyber threats.

Integration type

•API-based integration

How to enable the integration

Part I: Create a new Network Access Protection policy

Create a new Network Access Protection policy on your ESET PROTECT instance by following the steps below:

1.Navigate to your ESET PROTECT instance > Policies > New Policy.

2.Type the policy Name, Network Access Protection - BlockAPT. Add the policy Description with the [playbook] tag, and click Continue.

3.In the Select product drop-down menu, select Common features and click Network Access Protection.

4.Click Edit next to IP sets in the Network Access Protection section.

5.Click Add in the IP sets window. Type the IP set Name, BlockAPT - Network Access Protection, and click Save.

6.Click Save in the IP sets window.

7.Click Edit next to Rules in the Firewall section.

8.Click Add in the Rules window. Select Remote Host and click Edit next to IP sets in the Add rule window.

9.Select the IP set created in step five, BlockAPT - Network Access Protection, and click Save.

10.Click Save in the Add rule window.

11.Click Save in the Rules window.

12.Click Continue and click Finish.

See the Policies Online Help pages for more information about ESET PROTECT policies.

Part II: Configure the integration on the BlockAPT side

Ensure you have a dedicated API user account created and proceed with integration configuration on the BlockAPT side using the detailed instructions on the BlockAPT Customer Portal.

˄˅