New! PagerDuty and Evident.io Integration
Streamline AWS Security Management with PagerDuty and Evident.io
This is a guest blog post by John Martinez, Principal Solution Architect at Evident.io.
At Evident.io, one of our core beliefs is that security tools should be simple to use and make the job of security teams easier, not harder. One of the ways we do that is by ensuring that Evident security alerts are always actionable. So, it came as no surprise that our customers started asking us to integrate the Evident.io security platform with PagerDuty, an Operations Performance Platform that makes identifying and resolving incidents easier and faster.
The Evident.io Security Platform (ESP) is a cloud-first security and threat analysis service for AWS. ESP provides security best practice checks that give you visibility into your part of the AWS Shared Security Responsibility model. This visibility can scale from one to thousands of AWS accounts and dives deep into many AWS services.
Evident announced integration with PagerDuty at the end of last year, and we’re excited to recap it on the PagerDuty blog. As a proponent of merging Security with DevOps, we want to enable our customers with integrations to the services they use to manage their business. Many of our customers already use PagerDuty to receive alerts from their infrastructure monitoring systems, and we wanted to include their security alerts in the same place.
By receiving ESP alerts through PagerDuty, you can make sure alerts will get noticed. Within PagerDuty, you can configure your on-call schedules and escalation rules to determine how to route alerts. Additionally, each team member can set their own personal notification preferences so they can receive notifications on whatever devices they choose.
It’s easy to get started. You can connect the two services in 5 minutes or less with easy-to-use interfaces. Within ESP, you can select alert severity and even specific signatures based on what you’d like to be sent to PagerDuty. After configuring the integration, you’ll begin seeing incidents in PagerDuty after ESP completes its next security check. You can get full instructions for getting started in the Integration Guide.
One of our core goals is that security alerts should always be actionable. Once you receive a PagerDuty alert, you can drill-down from the incident to view all of the details and suggested remediation in ESP. And once you’ve resolved the alert in your AWS console, API or CloudFormation stack, ESP will automatically resolve the incident in PagerDuty.
Combine this integration capability with our API/SDK and Custom Signatures: you’ve got a powerhouse of Security *and* DevOps at your disposal.
Feel free to email me at email@example.com with questions and feedback!