Do we have any use case where we have integrated CA SDM with any one of the following SOC solutions:
An early response will be highly helpful.
Thanks & Regds,
Hi Ashutosh - I am not sure on this myself as I have not personally had any customers ask about integrating with those solutions. I have also posted this to an internal space where some more folks out in the field may be able to give you some ideas here.
Anyone else out there have any ideas on this?
I'm not aware of any integration implementations with one of these solutions either.
Can you give us some more information about what kind of integration you are looking for?
There are plenty of different expectations when people are talking about integration. Typical integrations nowadays are based on HTTP-based APIs. SDM itself supports this technology inbound and outbound. As long as these products support the same technology layer, I'm quite sure that integrations can be built.
Well, I believe it must be for logging the incident/ticket for any security-related incidents/breaches from the said solution, and vice versa as well. I know that we can always build it using web services/REST, but a specific case study will be a great help to showcase.
In my case it is integrated in 2 ways: 1- through the mailer, when the threshold or alert must be recorded; 2- by the analyst of the SOC, in the style of the 1st level of the service desk. In both cases they only report incidents. From the configuration point of view, I had to create a tenant for them, and the staff working with the CISO and the CSO are analysts who can report requests, incidents, problems and changes in both tenants. Remember that not everything that is reported in the SOC is recorded; you must identify what is going to be registered initially and expand the pilot. I think this satisfies your concern.
I changed this one into a "Discussion" - this way we can continue to throw out ideas on this and have open conversation that can evolve over time.