Deprecate Symantec EDR Cloud integration #11915
Labels
Integration:symantec_edr_cloud
Symantec EDR Cloud
Team:Security-Service Integrations
Security Service Integrations Team [elastic/security-service-integrations]
Comments
jamiehynds
added
the
Team:Security-Service Integrations
|
Pinging @elastic/security-service-integrations (Team:Security-Service Integrations) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
We currently have two integrations covering the same Symantec platform, causing user confusion and overlap between two integrations.
Symantec EDR Cloud covers Incidents via Symantec's API. Symantec Endpoint Security covers the same incidents, but also events via object storage.
Rather than maintaining two integrations, can we add a deprecation notice to EDR Cloud and advise customers to move to the SES integration. We can then remove the EDR Cloud integration in 9.0.
The text was updated successfully, but these errors were encountered: