About CTM360 CTM360 CyberBlindspot
CTM360 CyberBlindspot is used to help organizations stay ahead of external cyber threats. It offers full-spectrum visibility with capabilities like Digital Risk Protection, Attack Surface Monitoring, and Threat Intelligence enabling proactive threat discovery and risk mitigation across your digital footprint.
By integrating with SIRP, we enhance threat insights with context and automate response actions turning detection into rapid defense.
For SOC teams it provide real-time visibility across external assets, contextual threat intelligence, automated incident response and precise validation of threat indicators.
Together, CTM360 CyberBlindspot and SIRP deliver an integrated, efficient threat response ecosystem helping security teams work smarter, respond faster, and reduce risk at scale.
Supported Actions
SIRP’s CTM360 CyberBlindspot integration app allows you to execute the following actions:
S.no | Actions | Description |
1 | Get Incidents | Pulls Incidents from CTM360 CyberBlindspot |
2 | Get malware logs | Pulls malware logs from CTM360 CyberBlindspot |
3 | Get breached credentials logs | Pulls breached credentials logs from CTM360 CyberBlindspot |
4 | Get card leaks logs | Pulls card leaks logs from CTM360 CyberBlindspot |
5 | Post Comment | Push comments on CTM360 CyberBlindspot |
6 | Close Incidents | Close incident on CTM360 CyberBlindspot |
7 | Incident Request Takedown | Incident Request Takedown on CTM360 CyberBlindspot |
Enable and Configure the CTM360 CyberBlindSpot App
Create CTM360 CyberBlindspot API Credentials
Follow these steps to generate the CTM360 CyberBlindspot API credentials (which will be later used in SIRP to enable the CTM360 CyberBlindspot App:
Log in to your CTM360 instance.
Click on the start console dropdown then select CyberBlindspot.
3. Click Configuration option and then Integrations.
4. Select Explore Now.
5. For API KEY generation click configure in Rest API.
5. Create API key by selecting Name and Member and copy generated API key.
Once the API key is generated it will look like this.
Configure The SIRP App
Next, log in to SIRP, then go to Apps from the left navigation bar
Locate the CTM360 CyberBlindspot App.
Click on the Toggle button to enable the app.
As soon as you enable the App, you will get an option to add the configuration details.
Create Ingestion Source
In order to start ingesting records from CTM360 CyberBlindspot through API, you need to create a new ingestion source and enable it.
1. Go to Administration section from the left-hand navigation bar
2. Go to Automation > Ingestion Sources
3. Click on Add Source
4 . Fill the fields in the ingestion form as shown in the image above:
Status: Enable
Ingestion Method: API
Format: JSON
Name: CTM360 CyberBlindSpot (This can be any name to distinguish this ingestion source)
Ingestion Type: Incident
Applications: CTM360 CyberBlindspot
Actions: GET INCIDENTS
5. Click Save button to create the new ingestion source.
6. The last step after creating an ingestion source is mapping the data fields ingested from CTM360 CyberBlindspot with the fields available in SIRP. After you create the ingestion source, you will get a new configuration icon under the Actions column. Click on the icon to configure the fields.
7. Configure the field mapping as shown in the following screenshot and click Save.
After enabling the ingestion source, SIRP will start to call CTM360 CyberBlindspot's API every 1 minutes to check for any new records. If SIRP finds any record, it will start ingesting the record within its database.
The results will be visible in the Incident Management module. The Alert tab will list all the ingested records.