In today's fast-paced digital landscape, staying one step ahead of potential security threats is paramount. Real-time security notifications serve as the frontlines of defense, enabling swift actions that can prevent potential breaches and minimize damage.
The integration with popular collaboration platforms like Microsoft Teams and Slack marks a pivotal advancement in security workflows.
We are introducing new capability to post events from Flowmon ADS into Teams channel or Slack to instantly notify security teams. Integrations scripts are based on simple webhooks and available out of the box on our support portal both for Teams and Slack.
Notification via Teams
Let’s look at posting events into Teams. Whenever there is a high severity event detected it get instantly posted into specific channel. The result in Teams may look like this. (Picture 1: Event posted in Teams channel)
Most important information is highlighted. There is an active link from event ID which leads to event details in Flowmon ADS. This event represents a situation when a new, previously unknown device, is connected to the network.
Security team can now communicate about the event via Teams as they are used to. When there is a need for drill down to more details in Flowmon ADS it is one click away. (Picture 2: Event details in Flowmon ADS. Drill down from event summary in Teams.
How to set it up?
Configuration is easy. First you need to configure an Incoming webhook in Teams and get unique URL. Next you need Flowmon hostname or its IP address. It is required parameter to be able to construct URL pointing back to event details. Install the Teams integration custom script obtained from our support portal and create a custom action using the script.
Summary
In conclusion, the fusion of Flowmon ADS with Microsoft Teams and Slack heralds a new era of efficient and effective security management. The seamless transition from high-level notifications to detailed event insights within Flowmon ADS ensures that no crucial information is overlooked.
Pavel Minarik
As Acting CISO at Progress, Pavel Minarik is responsible for overseeing enterprise-wide information security strategy, risk management and regulatory compliance. His role is focused on aligning security initiatives with business objectives, strengthening security posture, building resilient security programs and leading cross-functional teams in complex, fast-paced environments.
As Vice President of Product Security at Progress, he is responsible for the secure software development life cycle across all Progress products, defining and implementing product security standards and ensuring that security is inherent to the product development practice. As part of M&A initiatives, Pavel leads the product security reviews and assessments during technical due diligence.
In his previous role as Vice President of Technology, he was responsible for overarching technology strategy of Progress’ Infrastructure Management products such as Flowmon, Loadmaster and WhatsUp Gold as well as experimental development in this area. With his experience as the former CTO of Flowmon Networks (acquired by Progress) Pavel led the product management for the flagship NPMD & NDR product Flowmon. Flowmon is a solution for IT professionals that enable businesses to ensure their services are running well and securely, and their workforce is productive.
As a former senior researcher at the Institute of Computer Science of Masaryk University, Pavel has participated in several research and development projects in the domain of network traffic monitoring, analysis and cybersecurity. He is also the author of more than ten publications on behavior analysis and algorithms for traffic processing and anomaly detection summarized in his PhD thesis “Building a System for Network Security Monitoring.”