PagerDuty Securd Integration
Trigger Securd alerts to PagerDuty, so you can remediate cyber security incidents faster.
1. Perform the PagerDuty Setup Process first.
PagerDuty Setup Process
Log in to PagerDuty, go to the Configuration menu and select Services.
On the Services page:
- If you are creating a new service for your integration, click Add New Service.
- If you are adding your integration to an existing service, click the name of the service you want to add the integration to. Then click the Integrations tab and click the New Integration button.
In the Integration Type menu, select from the following based on your preference:
- Select Tool: Search and select Securd.
- Enter "Securd" as the Integration Name. If you are creating a new service for your integration, in General Settings, enter a Name for your new service.
- In Incident Settings, specify the Escalation Policy, Notification Urgency, and Incident Behavior for your new service.
- Click the Add Service or Add Integration button to save your new integration.
You will be redirected to the Integrations page for your service.
Do this AFTER performing the PagerDuty Setup.
2. DigitalStakeout Securd Setup Process
- Above the Protection Menu, Select a Company.
- Under the Protection Menu, Click on Company Settings.
- Click on the Alerting/PagerDuty Tab.
- Set alerting to Enable. You will see that PagerDuty Status is "Not Connected".
- Click on Connect PagerDuty. You will be redirected to the PagerDuty website. Once you log in, you will select the "Securd" Service you created above.
- Once you have selected the Service, Click on the Connect button.
- You will be redirected back to your Company Settings. The Status will say Connected.
Congratulations! You have completed the integration with PagerDuty and Securd.
All your threat events will now be sent directly to PagerDuty. When a threat event is sent to PagerDuty, an incident will be created. This incident will correspond with a block event in your Securd logs. The full payload of the passive DNS record will be appended to your PagerDuty incident.
One Integration Per Company
You can add multiple PagerDuty Integrations to your Securd account. However, each company (tenant) is limited to one service integration.