Cyren SentinelOne IOC Automation

by Data443

Cyren IP reputation threat intelligence for Microsoft Sentinel with SentinelOne IOC automation.

The Cyren SentinelOne IOC Automation solution integrates Cyren's IP reputation threat intelligence feed with Microsoft Sentinel. It automatically retrieves known malicious IP addresses from Cyren and pushes them to SentinelOne as threat IOCs for automated blocking and detection.

This solution includes:

  • Logic App playbook for automated Cyren IP reputation IOC retrieval
  • Automated threat IOC submission to SentinelOne via API
  • Scheduled execution for continuous threat intelligence updates

Prerequisites:

  • Microsoft Sentinel workspace
  • Cyren API credentials (IP Reputation feed access)
  • SentinelOne management console with API access