Hello QRadar SOAR Community,
The SOAR team is happy to announce our first QRadar SOAR + Salesforce Service Cloud integration, now available on the IBM App Exchange.
Salesforce is the number one CRM application serving over 150,000 customers globally. Given the sheer volume of sensitive customer information, this can open the door to major security risks for your organization.
With QRadar SOAR, ITOps and SecOps teams can seamlessly integrate into the Case Management feature of Salesforce Service Cloud. Existing Service Cloud customers can now leverage QRadar SOAR to escalate both security and non-security incidents for remediation and response.
The following examples cover two common use-cases where we can showcase the power of IBM Security and Salesforce Service Cloud in action:
-
Data exfiltration (accidental or malicious)
-
An ex-employee exports their customer list(s) to take with them to a new job or competitor.
-
A support team member deals with a critical customer escalation while away from the office, requiring a download of customer PII to their personal device.
-
In addition, this is a critical use-case to highlight the power of our Privacy Breach Response module.
-
Real-Time Event Monitoring
-
For existing QRadar SIEM users, IBM Security supports a range of Salesforce Security DSMs for Salesforce Security and Salesforce Security Auditing. These DSMs collect Security Auditing audit trail logs and Security Monitoring event logs from your Salesforce console.
-
Any Salesforce activity that QRadar SIEM determines to be a security incident can be escalated to QRadar SOAR through our QRadar SIEM Plug-In, where SecOps teams can facilitate remediation and response activities.
The SOAR team is excited to get this integration into the hands of our Salesforce Service Cloud customers. We look forward to your feedback, and as always, appreciate your on-going support of the QRadar SOAR product.