Automate Security Operations
Our automation integrations with various security, devops & tracking platforms allow you to create workflows to automate co-ordination and response for new exposures or security risks. Our SLA module helps you globally drive compliance and automatically notify, escalate and track violations.
How Our Automation & SLA Modules Work
Integration with CMDB, VA & SOC
Every new application or IP is automatically correlated with the customer CMDB and sent to their Vulnerability Assessment platform for a scan.
Consolidated results are raised to their SOC via their ticketing platform and an appropriate SLA is driven based on the risk parameters.
Identifying Rogue AWS Accounts
The customer setup the dashboard to integrate with their AWS account to dynamically retrieve their instance list and compare it with our AWS inventory.
Unauthorised instances are immediately raised to the SOC via a SIEM alert for investigation and take-down.
Driving GDPR Compliance Globally
Our customer enabled GDPR modules and created additional custom rulesets to monitor their complete global inventory for GDPR violations.
A stringent SLA & escalation matrix was configured to ensure appropriate action is taken to immediately rectify any violations along with appropriate compliance reporting to the DPO.
ShadowMap supports automation integrations with a large number of security, devops & tracking platforms. By leveraging this capability along with our SLA modules, customers can create a seamless process between discovery, risk analysis, SOC review, action & tracking.
The goal is for ShadowMap to not only identify but also enable the security teams to automate workflows, trigger events, track violations and drive compliance with SLAs.
Supported Integrations
- E-mail Alerts
- SMS Alerts / Phone Calls
- Chat Systems
- Slack, Jira, HipChat
- SIEM
- ArcSight, QRadar, AlienVault, Splunk, DNIF
- SOC Platforms
- Bug Trackers
- JIRA, Mantis, Rational
- Ticketing
- JIRA, ServiceNow, Zendesk, Freshdesk
- Vulnerability Assessment
- Qualys, Nessus, Rapid7, OpenVAS
- Firewalls
- Fortinet, Sonicwall, PFSense, Barracuda
- Deception
- Smokescreen, Illusive, Attivo, TrapX
- WAFs
- Barracuda, Imperva, Citrix, F5
- CMDB
- ServiceNow, ManageEngine, BMC, IBM
- Custom API Calls
Intelligent Subsidiary & Geographic Mapping
Since ShadowMap is not based on keywords and each exposure or asset is linked to a subsidiary and geography, its possible to configure the platform to automatically map new exposures to the appropriate regional or enterprise teams.
This allows global teams to centrally drive compliance and SLAs to their regional teams. ShadowMap automatically notifies the responsible teams of the new exposures or alerts and then tracks them through the appropriate escalation matrix until closure.
Fix Patterns, Not Instances
The Automation & SLA capabilities in the ShadowMap platform, enables your team to focus on root-causes to fix and processes to setup as opposed to worrying about individual instances.
As the team continues to invest into creating workflows and addressing root-causes underneath each violation, ShadowMap continues to monitor the global inventory for recurrences and drives the relevant teams to closure.
Automatically Track, Monitor & Escalate SLAs
The powerful workflow within ShadowMap allows you to automatically track all new issues to relevant teams, track them continuously until they are appropriately rectified and automatically escalate through the escalation matrix in the case of a SLA violation.
Want to see the platform in action?
Learn more about ShadowMap and how it can help your organization.