Solution Summary
USE CASE: DEEP VISIBILITY AND REMEDIATION
- Transform data from external sources for consumption into a security analytics engine.
- Provide deep visibility into API communications (service frontend for Kubernetes, Service, Mesh, Functions)
- Remediate malicious activity and vulnerable hosts programmatically
USE CASE: DATA TRANSFORMATION
Transform data from external sources for consumption into a security analytics engine.
- Collect and transform log and event data by field, keyword, format into the Security engine data format
- AutoFlow can collect log when deployed inline and remotely via API interaction (Splunk, Elastic)
- Forward select logs to the security analytics engine
USE CASE: API LAYER, INTEROPERABILITY
Provide deep visibility into API communications (service frontend for Kubernetes, Service, Mesh, Functions)
- Make visible shadow APIs
- Report on Shadow API use
- Log API interactions
- Make visible your API attack footprint
- API Discovery
- Log API communications
USE CASE: REMEDIATION OF MALICIOUS ACTIVITIES
Remediate malicious activity and vulnerable hosts programmatically
- Create SOAR workflows to accelerate incident response
- Security engine signals to AutoFlow API to delete malicious sessions or apply custom session routing actions (e.g. direct malicious hosts to non-production services)
- AutoFlow can apply input validation and keyword matching rules to detect malicious activity