Ransomware Alerts on ServiceNow via Storage Insights
Author - Akshat Mithal, akmithal@in.ibm.com
What is Storage Insights ?
IBM Storage Insights is an IBM SaaS product which tracks inventory, health and performance of All IBM Block and multi vendor controllers (EMC, Hitachi etc.), file controllers, switches, hosts etc., in 1 single pane of dashboard.
Storage Insights now Detects Real time Ransomware Threats
In 2023, IBM Storage Insights did Tech Preview of Ransomware Threat Detection feature for all Storage Virtualize systems.
These alerts and notifications are communicated using various mechanisms to Storage Admins via, instant alert on the Storage Insights dashboard, Email Alert and QRadar dashboard update.
In 1H2024, with the introduction of Flash Core Modules, FCM4's, Storage Virtualize and Storage Insights enabled capability to do real time ransomware threat detection via Storage Insights. This capability is now GA'd as well.
IBM Storage Insights is now integrated with ServiceNow as well which is one of the most widely used incident management system. This enables all IBM Flashsystem customers who are impacted by Ransomware to get instantly notified resulting in very swift corrective action by the Customer Admin teams.
Here is a snippet of how IBM Storage Insights integrates with ServiceNow and alerts users of Ransomware threat.
There is an enhanced security between IBM Storage Insights and ServiceNow by usage of various Authentication types like API Key, Basic Auth and OAuth2.0.