Each year threat actors become savvier and deploy newer attack tactics. Organizations end up buying newer and more security tools to keep up with the bad guys. The multiplicity of security solutions cascades into heavy manual workloads for security operations team as they now have to manage and manually orchestrate security workflows amongst these 3rd party tools. The challenge is compounded by the fact that these siloed functioning tools are working on partial device insight and context with limited network access enforcement capabilities.
To address these challenges, customers leverage the Forescout device visibility and control platform to integrate with their third- party IT and cybersecurity technologies to share device context, automate workflows and accelerate response. In addition to Forescout -built-and-supported offerings, Forescout provides a community-based app ecosystem- eyeExtend Connect Apps to enable integrations with additional technologies.
3 cool things that you can do with these apps:
- App for Slack. In addition to notifying end user via email and dashboard messages, Forescout users can now use the Connect app for Slack to send real-time notification to Slack channels or directly message users via Slack. If Forescout sees a policy violation of a device gone out of compliance, you can send the information with detailed insights to your SOC channel and inform the user of out of compliance status.
- App for Global Protect VPN. This app enables organizations to provide smooth remote work experience while securing remote network access. The App provides additional visibility into the devices connected via VPN connections by gathering users and endpoints information. User can also apply predefined policy-based actions to disconnect user from the Global Protect Server in case of anomalous device behavior.
- App for Google MDM. Connect app for Google MDM, a mobile device management solution enables security team to pull device information for Chromebooks to get visibility into the MDM enrollment status of the device and information about hardware, network, security and compliance posture. The app also enables granular network access enforcement for non-compliant devices.
3 cool things about the apps:
- Easy to build. Gain the flexibility to create your own apps using universal Python scripting and JSON data exchange standard for faster time to value. Best part is that building these apps don’t require complex scripts and complicated configuration with multi steps and pages.
- Easy to consume. Select from a variety of community-built apps that are easy to deploy, customize and port across your office branches and network environments. The app consumer need not be aware of under-the-hood technology. The apps provide familiar Forescout user-interface and plug and play experience.
- Easy to share. We are not only enabling our customers to build apps; we are providing them with a platform to share their apps with their peers. This helps to build common knowledgebase where our customers can discuss their best practices and learn from each other. Forescout is building a community for sharing apps and helping harnesses the power of crowdsourcing to extend the value of your current investments.
You now have the power in your hands to unlock the potential of your current investments and elevate your security posture by easily sharing complete device context with other tools, automating workflows and accelerating system-wide response to reduce MTTR.
*** This is a Security Bloggers Network syndicated blog from Forescout authored by Minakshi Sehgal. Read the original post at: https://www.forescout.com/company/blog/3-cool-things-about-eyeextend-connect-apps/