See You at the RSA Conference!

by Dave Cliffe, February 28, 2019

At PagerDuty, we’re counting down the days until the RSA Conference! Why? Because, in addition to being excited to see everyone there, we also have lots of new information to share—information in line with this year’s conference theme: Better. More specifically, how to improve security at your organization by having better processes and better collaboration.

There are a lot of security tools out there, even ones that plug into your DevOps toolchain, but many security analysts still struggle to keep up with the rapid pace of change. They are flooded with alerts that carry no context about the applications themselves, what's expected of them or, more specifically, what's not. Even when an active threat or security vulnerability is accurately detected, the response is often slowed down by inefficient processes and poor collaboration with development and operations engineers.

With these challenges in mind, we wanted to better support our 1000+ security customers and the DevSecOps movement in general. In addition to open-sourcing our security training and incident response, we’ve also extended our more than 300 integrations to include partners across SIEM, SOAR, threat intelligence, vulnerability management, compliance, cloud and app security, and more.

With so many partners, it can be tough to keep track of them all, so we’re excited to share some of our top security integration partners below.

Top Security Partner Integrations

AppSec/Cloud

In addition to offerings from cloud providers, such as AWS GuardDuty, AWS Security Hub, and Microsoft’s Cloud App Security, we wanted to highlight many of our other partners in this space:

Aqua Security provides full development-to-production security across the CI/CD pipeline and runtime environment, providing users with end-to-end visibility and protecting applications against attack.

CloudGuard Dome9 from Check Point is a comprehensive software platform for public cloud security and compliance orchestration. Using Dome9, organizations can visualize and assess their security posture, detect misconfigurations, model and actively enforce security best practices, and protect against identity theft and data loss in the cloud. View the CloudGuard Dome9 integration guide.

Palo Alto Networks enables teams to prevent cyberattacks with an automated approach that delivers consistent security through the latest breakthroughs in automation and analytics. View the integration guide.

Signal Sciences’ next-gen WAF and RASP solution provides organizations working in a modern development environment with comprehensive and scalable threat protection and security visibility, via its patented architecture that protects over 10,000 applications and over a trillion production requests per month. View the Signal Sciences integration guide.

Templarbit prevents attacks on applications and APIs before they affect the business by leveraging artificial intelligence to analyze data in order to build up a scalable defense.

Threat Stack enables DevOps and SecOps teams to identify risky behavior across their entire cloud infrastructure by providing full stack cloud security observability from the control plane to the application layer. View the Threat Stack integration guide.

Twistlock is the first-ever purpose-built solution for containers and cloud native security. The company provides full-stack, full-lifecycle container and cloud native cybersecurity for teams using Docker, Kubernetes, serverless, and other cloud native technologies. View the Twistlock integration guide.

SIEM

AlienVault (an AT&T Company) enables organizations to detect and respond to threats anywhere they appear—public clouds, on-prem networks, endpoints, SaaS apps, even the dark web. View the AlienVault integration guide.

IBM QRadar helps security teams detect and prioritize threats across the enterprise by consolidating log events and network flow data distributed throughout networks.

LogRhythm is a security intelligence and analytics platform that enables organizations to detect, contain, and neutralize cyber threats using threat lifecycle management.

Logz.io is built on Kibana and Grafana, providing users with one unified platform for monitoring, troubleshooting, and security. View the Logz.io integration guide.

Rapid7 combines live endpoint visibility with log analytics using InsightOps (formerly LogEntries), an easy-to-use log management and analytics service for teams of all sizes. View the LogEntries integration guide.

Splunk connects machine data so teams can gain insights into business opportunities and risks, and provide real-time answers organizations can use to meet customer expectations and business goals. View the Splunk integration guide.

Sumo Logic is a cloud-native machine data analytics company that provides businesses with real-time operational, business and security insights across their modern applications and cloud infrastructures to support DevSecOps initiatives and provide the best customer experiences. View the Sumo Logic integration guide.

SOAR (Security Orchestration Automation & Response)

CyberSponse’s CyOPs platform is a holistic and enterprise-built security orchestration and security automation workbench that empowers security operation teams by providing them with the means to work smarter and respond in near real time.

Demisto’s platform combines security orchestration, incident management, and interactive investigation to enable scalable, accelerated incident response across the enterprise. View the Demisto integration guide.

DFLabs’ IncMan SOAR platform integrates security tools to provide intelligence, knowledge sharing, and seamless workflows to security programs so teams can detect, respond to, and remediate all alerts leading to potential incidents as fast as possible.

Swimlane is a SOAR solution founded to deliver scalable and flexible security solutions to organizations struggling with alert fatigue, vendor proliferation and chronic staffing shortages. Swimlane’s solution helps organizations address all security operations needs, including prioritizing alerts, orchestrating tools and automating the remediation of threats—improving performance across the entire organization.

Vulnerability

Expel takes a transparent approach to managed security. Customers have the same visibility as Expel’s analysts and can watch as investigations unfold, see the status of an alert, and receive details about what happened written in plain English. Expel also provides recommendations based on your environment, including steps you can take to fix the root cause of recurring problems. See the Expel integration guide.

Nucleus integrates with over 30 vulnerability scanning tools and numerous ticketing/alerting systems in order to consolidate, prioritize, and automate vulnerability data management and remediation workflows across your entire technology stack.

Find PagerDuty at DevSecOps Day!

The RSA Conference is the perfect opportunity to connect with these partners and the PagerDuty Security team! We’ll be around all week, starting on DevSecOps Day on March 4. Find us on the Expo floor presenting alongside our partners, or email us to schedule a meeting at RSA. Check out the schedule below; we look forward to seeing you there!

Presentation Schedule:

Monday, March 4
9:00 a.m. – 4:00 p.m., Aqua Security Joint Demo @ DevSecOps

Tuesday, March 5
10:30 a.m., DFLabs, Booth 3104, South Expo
11:30 a.m., Sumo Logic, Booth 2145, South Expo
2:30 p.m., Twistlock, Booth 3119, South Expo

Wednesday, March 6
10:30 a.m., DFLabs, Booth 3104, South Expo
1:00 p.m., Twistlock, Booth 3119, South Expo
2:05 p.m., Swimlane, Booth 567, South Expo
5:30 p.m., Templarbit, Fireside Chat, Intercontinental Hotel

Thursday, March 7
12:05 p.m., Swimlane, Booth 567, South Expo
1:00 p.m., Twistlock, Booth 3119, South Expo