Slack is a vital collaboration and productivity tool for many teams, especially in organizations with collaborative cultures. “We really live and breathe in Slack,” says Laura Budge, Senior Security Analyst at UserTesting. “I ask every vendor we work with if they have an integration with Slack because it generally makes our lives easier.” Code42’s Incydr Slack Flow aims to help organizations speed their response, collaborate more efficiently and streamline their alert management processes.
“Before using the Slack Flow, when we got an alert, our team had to go into the Incydr console to find that alert, triage it, do any additional analysis and then, finally, respond,” says Laura. “I would block time in my day to triage batches of alerts at once and hope I got through the list before I had to go to my next meeting.”
With the Incydr Slack Flow, alerts go directly to the team via their private security team channel in Slack. “We can instantly identify whether or not the alert requires a response and close it directly from Slack,” explains Laura.
*This illustration is an example of the Incydr Slack Flow and does not represent UserTesting’s actual environment.
In addition to speeding up response time, the Incydr Slack Flow makes collaboration between security team members much more efficient. “When we close an alert in Slack, the entire team can see it’s been closed. So we know that we’re not duplicating work and we can more effectively decide who addresses which alerts.”
By implementing the Incydr Slack Flow, the UserTesting security team has significantly improved their response time for Insider Risk events and can work better as a team to stay on top of data loss events. “The time back has been considerable,” says Laura. “It’s just so much easier to do in Slack.”
Why Use the Incydr Slack Flow:
- Combat alert fatigue and save time so your security team can focus on what matters most
- Promote team collaboration and improve productivity
- Streamline alert management, triage and response
- Accelerate Insider Risk response times and help thwart unsanctioned data movement with highly contextual and actionable alerts delivered to your team instantly
- Remove duplicate work and encourage transparency in alert management across the security team
Check out the Slack Integration demo video to learn more about the Incydr Slack Flow and see what’s included in an alert.
*This is an example alert generated by the Incydr Slack Flow and does not represent UserTesting’s actual environment.