Demisto integrates with Forescout for orchestration of device management for IT and OT security

To drive business transformation, organizations are connecting previously disparate networks, creating new data flows between enterprise IT devices, cloud-based applications and operational technology (OT) systems. With the increased business benefits also comes increased risk as threat actors can now move laterally across newly interconnected networks to access sensitive information or cause business disruption.

To effectively manage security for converging IT and OT networks, Demisto’s leading SOAR platform integrates with Forescout’s unified device visibility for IT and OT to streamline and automate device monitoring and control across these networks. This enables organizations to manage all their devices and orchestrate actions that mitigate both cyber and operational risk.

Integration Features

  • Ingest Forescout alerts to orchestrate IT and OT network security incident response from within Demisto via automated playbooks
  • Get detailed data of IT/OT assets from Forescout for use in automated playbooks and analyst investigations
  • Perform investigation of OT threats originating from IT such as connectivity with infected machines, malware behavior, and unauthorized access
  • Run thousands of commands (including for Forescout) interactively via a ChatOps interface while collaborating with other analysts and Demisto’s chatbot

Download this Solution Brief to learn more about the integraton’s benefits and use cases such as

  • Automated IT and OT security enrichment and response
  • Interactive, real-time investigation for complex IoT and device threats

Do not hesitate to contact your local Exclusive Networks Account Manager for more information on both the Demisto SOAR platform and the Forescout device visibility and control solution.