Why Security Observability?
Security Observability helps organizations better understand their environments' complexities and security threats while providing real-time visibility to help prevent, detect, and remediate security issues. With the security integration into SolarWinds® Hybrid Cloud Observability, you can now see security-related events across networks, infrastructures, applications, and databases. It provides powerful observability capabilities to help customers identify risks, vulnerabilities, and compliance status on a dedicated security dashboard, assisting teams to focus on critical issues without drowning in telemetry data streams across complex and distributed infrastructures. This also helps break down IT silos and fosters cross-domain correlation and collaboration.
Vulnerability and Risk Dashboard
This feature gives customers a new perspective for identifying infrastructure-related risks and vulnerabilities, helping them prioritize and reduce risk in important assets by showing the severity of each risk. Risk-based prioritization is the benchmark for managing mounting cyber threats and remediating the most significant risks.
The risk score is calculated based on the CVE scoring for each node, and the infrastructure score is calculated by aggregating the node scores.
Security Summary Dashboard from ARM, SEM, and others
With the addition of Security Event Manager (SEM) and Access Rights Manager (ARM) into SolarWinds® Hybrid Cloud Observability, customers can now monitor their security and compliance status on a dedicated security dashboard. A correlated, node-based events dashboard from SEM and ARM is also provided on the appropriate Hybrid Cloud Observability node details page.
- This integration covers security-related events, metrics, and activities combined with Hybrid Cloud Observability data
- The security dashboard shows summary widgets from SEM and ARM, essential updates from SolarWinds Patch Manager, and firmware vulnerability information
SEM Security Dashboard
Gain visibility into crucial security activities and metrics using the SEM security dashboard. Summary data from generic saved searches in SEM lets IT teams use real-time event correlation to identify and act on suspicious network activities.
- The widgets show saved SEM queries scheduled to execute real-time event correlation to identify and act on suspicious activities.
- Actions are initiated based on severity levels (OK/critical/warning)
Node details in Hybrid Cloud Observability
Leverage node-based correlation of SEM and ARM compliance and events data.
For those Hybrid Cloud Observability nodes under the management of SEM and ARM, relevant widgets will appear on the node details page.
- SEM provides event data for all nodes it supports
- ARM provides data for specific Active Directory (AD) nodes
Benefits of Security Observability
Key benefits of this security integration are:
- Gain insights into the whole internal state of complex distributed systems/environments
- Single source of truth to simplify decision-making
- Minimize the time to identify security risks and issues
- Understand the security posture of the environment
- Reduce alert fatigue
- Troubleshoot incidents faster