Solved: Asset context and/or integration with asset manage...

mikerennie · ‎09-13-2022

Hi MC team,

One of our current requirements for a Security Incident Management solution is to be able to provide quick context around an asset. One of the most time consuming tasks that an incident responder faces is to track down what the device being alerted on does, what its criticality is and who is the owner. The most effective way to do this is to integrate with an Asset Management /CMDB solution. Is this something that Mission Control can or is looking to do?

Thank you kindly,

Mike

msayar · ‎09-13-2022

Yes it is! One of the main goals for MC is to be a one-stop-shop providing an analyst all the information they need to make a decision on how to respond to incidents. Part of that goal is enriching the incident with information from various sources. You'll see that coming as Mission Control continues to evolve. If you'd like more information, feel free to reach out to your account team for a roadmap review

View solution in original post

msayar · ‎09-13-2022

Yes it is! One of the main goals for MC is to be a one-stop-shop providing an analyst all the information they need to make a decision on how to respond to incidents. Part of that goal is enriching the incident with information from various sources. You'll see that coming as Mission Control continues to evolve. If you'd like more information, feel free to reach out to your account team for a roadmap review

Asset context and/or integration with asset management/CMDB- Is this something Mission Control can or is looking to do?

other

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

They're back! Join the SplunkTrust and MVP at .conf24

Enterprise Security Content Update (ESCU) | New Releases