Quick Start Security for PingSafe
Thank you!
We got your information.
PingSafe - Security Extension
PingSafe is a cloud security platform that helps businesses manage regulatory compliance, system vulnerabilities, cloud credential leakage, and more. It is a comprehensive cloud native application protection platform (CNAPP) that has all the necessary components to safeguard your multi-cloud environment and infrastructure.
Coralogix Extension For PingSafe Includes:
Alerts - 4
Stay on top of PingSafe key performance metrics. Keep everyone in the know with integration with Slack, PagerDuty and more.
High Severity Alert
This alert detects all PingSafe logs that have high severity. Impact Depends on the type and parameters of the log. Please check the logs for more details. Mitigation To further investigate the alert, check fields like 'pluginTitle', 'message', 'recommendedAction' in the log if these fields are present (can change per log). Also, check for any repeating alerts for the same user/machine/ip and adjacent logs.
Medium Severity Alert
This alert detects all PingSafe logs that have medium severity. Impact Depends on the type and parameters of the log. Please check the logs for more details. Mitigation To further investigate the alert, check fields like 'pluginTitle', 'message', 'recommendedAction' in the log if these fields are present (can change per log). Also, check for any repeating alerts for the same user/machine/ip and adjacent logs.
Low Severity Alert
This alert detects all PingSafe logs that have low severity. Impact Depends on the type and parameters of the log. Please check the logs for more details. Mitigation To further investigate the alert, check fields like 'pluginTitle', 'message', 'recommendedAction' in the log if these fields are present (can change per log). Also, check for any repeating alerts for the same user/machine/ip and adjacent logs.
No logs from PingSafe
This rule detects if there are no logs in the last 24 hours for PingSafe in the customer account. Note- This alert should configured with relevant app & subsystem. Impact Disabling logging is a tactic that adversaries might employ as part of various MITRE ATT&CK techniques to avoid detection, cover their tracks, or impede incident response investigations. Mitigation Address logging concerns to ensure comprehensive monitoring within the Coralogix SIEM system. MITRE Tactic: TA0005 MITRE Technique:T1562
Integration
Learn more about Coralogix's out-of-the-box integration with PingSafe in our documentation.