We have integrated our internal TAXII server with the SIEM, and we have also integrated Symantec EDR with the SIEM. We plan to integrate Symantec EDR with the TAXII server.
Following is the TAXII server hosted internally. Has anyone created a Python script for exporting/fetching IOCs from the TAXII server and feeding them to Symantec EDR?
Is there any workaround for the above, or from the SIEM, since it's correlating all logs from EDR as well as the TAXII server, so that we can share the information with Symantec EDR for any malicious IOCs?