Meet ComplAIIntelligence: Your AI-powered teammate for risk & complianceLearn more
All integration guides

Help Center · Integration guide

Securonix Unified Defense SIEM

Complete reference for Securonix Unified Defense SIEM — product details, ComplAI connection steps, GRC evidence mapping, and troubleshooting. All information is hosted in the Propel Ready Solutions Help Center.

Product information

Cloud-native SIEM with UEBA and SOAR.

Deployment
SaaS (cloud)
Fully managed cloud service — no infrastructure to host. Typically connected via REST APIs, OAuth, or webhooks over HTTPS.
Categories
SIEM

Key capabilities

  • Threat detection
  • Insider threat
  • SOAR
  • Data lake

Typical use cases

  • Centralized log ingestion and retention for security monitoring
  • Detection rules, alerts, and SOC case management metrics

Connection methods

  • REST API for searches and dashboards
  • Webhook or email alert forwarding
  • Scheduled report exports
  • SOAR playbook status APIs

Documentation topics

Review the following areas in Securonix Unified Defense SIEM admin and product documentation before connecting to ComplAI:

  • Admin console setup and service account creation
  • API authentication, scopes, and rate limits
  • Audit log export and retention settings
  • Security hardening and least-privilege configuration

ComplAI integration overview

Securonix Unified Defense SIEM integrates with ComplAI to support Propel Ready Solutions's GRC program. Cloud-native SIEM with UEBA and SOAR. This guide covers product context, the recommended connection process, prerequisites, and verification steps for audit-ready evidence collection.

Last updated: 2026-06-24

GRC evidence available

  • Log source health and ingestion volume
  • Detection rule coverage
  • Open and closed incident counts
  • Mean time to detect/respond
  • Threat detection metrics and configuration evidence
  • Insider threat metrics and configuration evidence

Prerequisites

  • Named integration owner and backup contact at Propel Ready Solutions
  • Change request approved per Propel Ready Solutions change management policy
  • Network egress allowlisting completed if required by vendor
  • ComplAI organization administrator access
  • Admin or integration-builder role in Securonix Unified Defense SIEM
  • Securonix Unified Defense SIEM product documentation reviewed (see Documentation topics below)

Integration process

  1. Step 1

    Plan Securonix Unified Defense SIEM integration scope

    Confirm which Threat detection and Insider threat capabilities will be connected first. Start with read-only ingestion before enabling write actions.

  2. Step 2

    Identify log sources and parsing requirements

    Inventory systems whose logs must reach the SIEM (IdP, EDR, cloud audit, firewalls, applications) and confirm parsing/normalization.

  3. Step 3

    Connect ComplAI to SIEM export or API

    Configure API keys or webhook forwarding so ComplAI can read detection metrics, case status, and log ingestion health.

    • Enable read access to dashboards or saved searches for control evidence
    • Document retention periods aligned to policy (typically 12+ months)
    • Validate timezone and timestamp normalization (UTC recommended)
  4. Step 4

    Align detections to control objectives

    Map critical detection rules to ISO A.8.15/A.8.16 and incident response procedures.

  5. Step 5

    Establish SOC runbooks

    Document triage, escalation, and closure steps; store runbook links in ComplAI control evidence.

  6. Step 6

    Mark integration complete in ComplAI

    Update integration status to Connected, attach configuration evidence, and link mapped controls in the Controls library.

GRC benefits

  • Log retention and monitoring evidence for A.8.15–A.8.16 and SOC 2 CC7.2
  • Incident detection and response workflow integration
  • SOC metrics and detection coverage for leadership dashboards

Related controls

ISO A.8.15ISO A.8.16ISO A.5.24–A.5.28SOC 2 CC7.2SOC 2 CC7.3

Verification checklist

  • Integration credentials stored securely and rotation scheduled
  • Test sync completed successfully with sample records
  • Error alerting configured for failed sync or API rate limits
  • Control mappings documented in ComplAI
  • Evidence sample exported and reviewed by control owner
  • Runbook link attached to related controls

Troubleshooting

Authentication or API permission errors

Verify API scopes, token expiry, and service account status in the vendor admin console. Regenerate credentials if needed.

Partial or stale data in ComplAI

Check sync schedule, pagination limits, and filter rules. Run a full reconciliation sync after correcting configuration.

Network connectivity failures

Confirm firewall egress rules, proxy settings, and IP allowlists on both sides of the integration.