Integrate Efficiently into Existing Security Workflows
As 2020 came to an end, yet again we saw a rise in ransomware and phishing attempts. Ordr SCE 7.4.2 allows organizations to detect and track ransomware via an optimized graphical user interface (GUI) with signature improvements to expedite the incident response (IR) process. In addition, to make the rich device context easily available, we have worked with joint customers to bring security vendors Anomali, Exabeam, Fortinet, IBM QRadar, and Ping Identity into our integration portfolio.
Integrating STIX/TAXII with Ordr SCE
Ordr SCE 7.4.2 introduces the ability to consume STIX and TAXII 2.1 from threat intelligence platforms (TIPs) like Anomali. This enables organizations to incorporate and extend their existing threat intelligence data to the Ordr Data Lake and address connected device security.
- Broaden the number and type of threats discovered while identifying unique threats against previously unknown devices connected to your network.
- Leverage a full ecosystem of a TIP with multiple, industry-specific threat feeds and increase the value of your existing investments.
- Augment Ordr’s expansive security controls with best-of-breed industry solutions.
SIEM Integration with Ordr SCE
Organizations can use Ordr’s rich device context and associated alarms to initiate specific workflow actions based on device type, group, manufacturer, model name and number, and more. With the Syslog and JSON over HTTPS outputs, Ordr SCE 7.4.2 integrates with SIEM tools like Exabeam and IBM QRadar by transmitting alerts, device information, and other critical information. The SIEM ingests the feed, parses the data into the proper fields, and allows the incident response team to triage with a single source of truth.
- Integrate Ordr’s insights into connected device security risks into your organization’s “single pane of glass” security dashboard
- Increase efficiency for incident response (IR) workflows
- Identify security risks against device names, like “Axis P5532 Network Camera” instead of “AC:CC:8E:65:A6:B2”
- Complete visibility into every network-connected device, simplifying security, regulatory, and business reporting processes
- Integrate with any SIEM solution capable of parsing ingested syslog. Below we highlight some of the leading vendors with whom we’ve validated our integration.
SAML Integration with Ordr SCE
In addition, Ordr SCE 7.4.2 adds SSO via SAML for Ping Identity to the growing list of IDPs that Ordr supports. SSO helps to reduce replication of usernames and passwords, time spent on forgotten passwords, and IT resources spent on password recovery. With the Ordr SSO integration into IDPs like Okta, Ping Identity, Oracle, etc., organizations will have centralized management and access to Ordr SCE.
- Quick and secure access for users to the enterprise applications, websites, and data for which they have permission, for increased productivity
- Proper provisioning of access for users
- Reduction in the number of credentials one user has for multiple vendors