Solved: Asset context and/or integration with asset manage...

mikerennie · ‎09-13-2022

Hi MC team,

One of our current requirements for a Security Incident Management solution is to be able to provide quick context around an asset. One of the most time consuming tasks that an incident responder faces is to track down what the device being alerted on does, what its criticality is and who is the owner. The most effective way to do this is to integrate with an Asset Management /CMDB solution. Is this something that Mission Control can or is looking to do?

Thank you kindly,

Mike

msayar · ‎09-13-2022

Yes it is! One of the main goals for MC is to be a one-stop-shop providing an analyst all the information they need to make a decision on how to respond to incidents. Part of that goal is enriching the incident with information from various sources. You'll see that coming as Mission Control continues to evolve. If you'd like more information, feel free to reach out to your account team for a roadmap review

View solution in original post

msayar · ‎09-13-2022

Yes it is! One of the main goals for MC is to be a one-stop-shop providing an analyst all the information they need to make a decision on how to respond to incidents. Part of that goal is enriching the incident with information from various sources. You'll see that coming as Mission Control continues to evolve. If you'd like more information, feel free to reach out to your account team for a roadmap review

Asset context and/or integration with asset management/CMDB- Is this something Mission Control can or is looking to do?

other

Enter the Dashboard Challenge and Watch the .conf24 Global Broadcast!

Join Us at the Builder Bar at .conf24 – Empowering Innovation and Collaboration

Combine Multiline Logs into a Single Event with SOCK - a Guide for Advanced Users