Keyfactor

Cyderes supports the ingestion of a variety of resources from Keyfactor. Keyfactor provides a platform for managing digital certificates and public key infrastructure (PKI).

Supported resources:

• Audit Logs -- Command Portal configuration changes
• Certificate Operations Logs -- Enrollments, Revocations and Approvals
• Certificate Store Management Operations -- Inventory, Add, Remove of certificates from stores (F5, IIS, Azure KV, etc)

Chronicle Data Types

• KEYFACTOR

Requirements

To get events, Cyderes must receive an authentication method through Microsoft Entra, including the Azure identity with proper permissions to access Keyfactor resources.

Configuration

A Keyfactor Application will need to be created within the Azure portal, and given the proper permissions. Authentication method we use can be found here.

Gather Information

Note

Please include the credential's expiration date if available

Provide the following information to Cyderes to complete implementation:

• Identity (Azure Active Directory App)
  • Application (Client) ID
  • Directory (Tenant) ID
  • Secret ID
  • Secret Value
• Resources to enable