
ThreatConnect and PagerDuty: Better Alert Management

ThreatConnect has released a Playbook App for joint customers to leverage PagerDuty. With this new Playbook App, you can easily monitor alarms and notify team members when necessary – leading to a more efficient and effective security team.

PagerDuty is a real-time operations platform to manage alerts and escalations for system administrators and support teams. It collects alerts from your environment, gives you an overall view of your monitoring alarms, and alerts an on-duty engineer when there’s a problem.

Through this integration, the following use cases are now available:

  • Get Team and On-Call Information to remediate or escalate quickly
    • As part of a security process, you can run a Playbook to get Team and On-Call information and then use that information to automatically assign a case or notify a specific team or team member when an escalation occurs. Additionally, the Playbook has access to the Contact Methods and Notification rules so that the right notification mechanism is used based on time of day and other factors. By assigning cases and escalations to the right team at the right time, you operate more efficiently.
  • Open an Incident Ticket in PagerDuty and automatically link to Case in ThreatConnect
    • As part of a security investigation, you may need to open an Incident ticket in PagerDuty for another team to track work, such as an infrastructure change request. You can use the Create Incident action to create the Incident in PagerDuty and link it back to the Case in ThreatConnect. By automatically linking cases and incidents between the platforms, you ensure your various security teams stay informed.

The following actions are available through this integration:

  • Create Incident
  • List Teams
  • List On calls
  • List Services
  • List Users
  • List User Contact Methods
  • List User Notification Rules
  • Advanced Request

With our Playbooks App for PagerDuty, you can now monitor alarms and notify team members when necessary. If you’re a ThreatConnect customer, please reach out to your dedicated Customer Success Team for more information on utilizing the PagerDuty App. If you’re not yet a customer and are interested in ThreatConnect and this integration, contact us at sales@threatconnect.com.

About the Author

ThreatConnect

By operationalizing threat and cyber risk intelligence, The ThreatConnect Platform changes the security operations battlefield, giving your team the advantage over the attackers. It enables you to maximize the efficacy and value of your threat intelligence and human knowledge, leveraging the native machine intelligence in the ThreatConnect Platform. Your team will maximize their impact, efficiency, and collaboration to become a proactive force in protecting the enterprise. Learn more at www.threatconnect.com.