Educause Security Discussion mailing list archives
Re: Incident response products
From: Julian Y Koh <kohster () NORTHWESTERN EDU>
Date: Thu, 28 May 2020 20:50:21 +0000
On May 28, 2020, at 15:46, Burns, Denis <denis.burns () MED FSU EDU> wrote:

> I hope that this finds everyone safe and healthy.
>
> The FSU College of Medicine is currently evaluating three incident response products to replace an implementation of PagerDuty.
>
> - AlertOps
> - OpsGenie
> - VictorOps
>
> FWIW – some of the integrations that we will likely want/need/implement are Splunk, ServiceNow, Slack, Teams, Sophos, and PRTG
>
> Has anyone on this list had familiarity, or currently using one of these, and if so, would you be willing to share your brief pro/con thoughts on it?

We use OpsGenie at Northwestern, integrated with our SolarWinds monitoring platform. It works pretty well. We are on a basic paid plan that doesn’t tie into central authentication. Good API integrations, and it’s been very useful with respect to getting people to standardize on various practices like having a regular oncall rotation and escalation processes.

--
Julian Y. Koh
Associate Director, Telecommunications and Network Services
Northwestern Information Technology
2020 Ridge Avenue #331
Evanston, IL 60208
+1-847-467-5780
Northwestern IT Web Site: <http://www.it.northwestern.edu/>
PGP Public Key: <https://bt.ittns.northwestern.edu/julian/pgppubkey.html>

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community