May Monthly Tech Talk: Normalizing Multi-cloud Security Notifications
Join the May session to learn how TriggerMesh's open source, cloud native integration technology normalizes and transforms multi-cloud security event notifications into a standard security event that can be routed to and used by Security Information and Event Management (SIEM) systems (e.g. Splunk, Azure Sentinel, IBM Security QRadar).
This 30-minute webinar will cover:
- Capturing security notifications from Oracle Cloud via Confluent Kafka, from third parties via Google Pub/Sub, and from Azure Defender
- How TriggerMesh transforms and "decorates" these events into the standard CSNF format
- How the canonical CSNF data store facilitates rapid ingestion by any number of SIEM/SOAR systems, like Splunk, Azure Sentinel, IBM Security QRadar
Enterprises are multi-cloud, and Cloud Service Providers emit security notification data in varying formats, which can complicate and slow down analysis and remediation. The Automated Cloud Governance working group at ONUG, spearheaded by FedEx, Cigna, Intuit, Fidelity, and vendors TriggerMesh, Oracle, Microsoft, IBM, and others, revealed the Cloud Security Notification Framework (CSNF) at ONUG Spring 2022. CSNF aims to provide a standardized method and architecture to normalize and automate these security events to accelerate analysis and remediation.