ThreatConnect and PagerDuty: Better Alert Management

ThreatConnect has released a Playbook App for joint customers to leverage PagerDuty. With this new Playbook App, you can easily monitor alarms and notify team members when necessary – leading to a more efficient and effective security team.

PagerDuty is a real-time operations platform to manage alerts and escalations for system administrators and support teams. It collects alerts from your environment, gives you an overall view of your monitoring alarms, and alerts an on-duty engineer when there’s a problem.

PagerDuty Playbook App

Through this integration, the following use cases are now available:

  • Get Team and On-Call Information to remediate or escalate quickly
    • As part of a security process, you can run a Playbook to get Team and On-Call information and then use that information to automatically assign a case or notify a specific team or team member when an escalation occurs. Additionally, the Playbook has access to the Contact Methods and Notification rules so that the right notification mechanism is used based on time of day and other factors. By assigning cases and escalations to the right team at the right time, you operate more efficiently.
  • Open an Incident Ticket in PagerDuty and automatically link to Case in ThreatConnect
    • As part of a security investigation, you may need to open an Incident ticket in PagerDuty for another team to track work, such as an infrastructure change request.  You can use the Create Incident action to create the Incident in PagerDuty and link it back to the Case in ThreatConnect. By automatically linking cases and incidents between the platforms, you ensure your various security teams stay informed. 

The following actions are available through this integration:

  • Create Incident
  • List Teams
  • List On calls
  • List Services
  • List Users
  • List User Contact Methods
  • List User Notification Rules
  • Advanced Request

With our Playbooks App for PagerDuty, you can now monitor alarms and notify team members when necessary.  If you’re a ThreatConnect customer, please reach out to your dedicated Customer Success Team for more information on utilizing the PagerDuty App. If you’re not yet a customer and are interested in ThreatConnect and this integration, contact us at sales@threatconnect.com.

About the Author
Jeff Quist

Jeff Quist, Product Marketing Manager at ThreatConnect, has 9 years of experience in Sales, Marketing, Product Management, and Product Marketing, mainly in technology and financial services. His professional experience and empathy for customers and partners help him to develop engaging marketing content and empower sales teams. Jeff lives in New York City and in his free time, he enjoys sketching, reading sci-fi novels, and supporting the Boston Bruins.