Mobile alerting with tracking & escalation for Shuffle
Shuffle is an automation platform for and by the community, focusing on accessibility for anyone to automate. Security operations is complex, but it doesn’t have to be. You can use Shuffle on premise or in the cloud.
SIGNL4 extends Shuffle and adds app-based mobile alerting and incident response including push, SMS text, voice calls, escalations and collaboration. The integrated duty planning helps you to schedule your team’s on-call duties and allows you to see who is on duty at any given time.
How it Works
Shuffle uses webhooks to submit alert information to SIGNL4. You configure this with the SIGNL4 App available in Shuffle. Specifically, the integration helps you with the following:
Forwards Shuffle events to SIGNL4 for mobile alerting
Uses Webhooks to connect to your SIGNL4 team
Staff can acknowledge and take ownership of critical events that occur
Communicate within an alert to address a particular problem
Alerts are escalated in case of no response
On-call scheduling to alert the right people at the right time
Close alerts in SIGNL4 if the issue is detected as resolved in Shuffle
24×7 SecOps with on-call staff
Critical SecOps Alerting
Customer service hotline
Anywhere critical incident response
On-call scheduling of IT / network teams
Significantly shorter response times for security incidents, thus shorter mean time to repair (MTTR)
Ensures attention for critical alerts and minimizes false alerts
Clear responsibilities and transparent ownership of security incidents
Collaboration with team members when assistance is needed
Events in Shuffle are sent to SIGNL4 via HTTP request
Event categorization, routing and automated delivery
Persistent Notifications by push, text and voice call with Tracking, Escalation and Confirmation to Staff on Duty
HOW TO INTEGRATE
Log in to the Shuffle web portal to configure SIGNL4 alerting.
Log on to the Shuffle portal and go to Workflows. You can create a new workflow or use an existing one. There is also a sample workflow that uses the SIGNL4 app. Just search for SIGNL4 in the public workflows.
In your workflow, add the SIGNL4 App and configure it accordingly. Two Actions are available: one for sending alerts (Send Alert) and one for closing alerts (Close Alert). When closing an alert, you need to use the same External ID as for the alert you sent before.
For Team Secret, specify your SIGNL4 team secret.
That’s it. Your SIGNL4 team will now receive alerts whenever Shuffle detects a critical event.
ALERT OPTIMIZATION
SIGNL4 can further increase the visibility of alerts through its Signals and Services section. Augmenting the color and icon of alerts will provide more relevant information at a glance without having to open the alert.
Change alert color and override title + text
Override text, colors and titles are triggered by keywords set within the mobile app.