Augmentt is readying faster, automated security alerting for its cloud management platform.
Due to ship August 29th, the new functionality will let users of Augmentt Secure, the vendor’s SaaS security module, view and act on notifications from Microsoft and Google about issues like a user shutting off multifactor authentication or logging into Microsoft 365 from two different countries simultaneously. Preset rules for processing alerts based on their type, severity, and other variables will let organizations customize what the system calls to their attention, and what it does in response.
“We already collect information about threats,” says Derik Belair, Augmentt’s CEO. “We haven’t been doing that real-time alerting, where you can do filters and escalate the ones that you want. That’s the piece we’re adding.”
The update will give technicians one place to both see threat alerts and remediate them, by resetting a password, modifying a security policy, or suspending a user, for example.
“You’ll be able to do all of that from one console,” Belair says. “It really just ties the whole platform together.” The system will also have the ability to execute some response measures, like reapplying a disabled policy setting, automatically to contain potentially serious incidents before they can do significant damage.
Subscribers will be able to automatically send alert emails to specific administrators as well, and open tickets automatically in their PSA solution. The latter feature is compatible with any PSA product capable of creating tickets based on incoming email messages.
Augmentt introduced a free tool called the Augmentt Email & Notification Console offering similar functionality last month. That system, however, reads and responds to emails that can arrive as much as 15 or 20 minutes after Microsoft first issues an alert. The new capabilities, which will be available to all Augment Secure users at no extra charge, draw directly on Microsoft APIs to provide real-time notification.
Augmentt plans to follow up its new alert capabilities later this year with a wide range of automation features aimed at boosting technician productivity. The vendor’s Engage management solution, for example, will let users schedule and automatically run multi-step user provisioning processes involving steps like attaching a license, creating a mailbox, setting passwords, and applying security policies.
“All of those things will just happen in the background,” Belair says, noting that users will be able to create different provisioning sequences for different employee roles and profiles, like salesperson or customer service rep.
Comparable de-provisioning functionality also now in development will let administrators automatically log departing users out of their account, recover their license, give managers access to their mailbox, and more.
Forthcoming additions to Augmentt Secure include support for a broader range of automated remediation actions. Augmentt Discover, which helps users inventory all of an organization’s known and unknown SaaS solutions (as well as desktop solutions since March), will soon be able to prevent end users from accessing banned or dangerous web applications.
“It’s very easy for us to block the user from being able to access the URL, or through integration with the DNS vendor, physically block access if they’re on the corporate network,” Belair says.
In June, Augmentt announced an agreement with cyber insurance broker SeedPod Cyber to help companies that use both Secure and Discover get discounted coverage by validating that cyber insurance applicants have security best practices in place.