What does ChatOps have to do with managing your attack surface?
In recent years the application industry has demanded faster development and release cycles, which has in-turn seen a rise in popularity of DevOps, and with it the benefits of making sure that development and platforms are fully integrated when deployed.
For many DevOps organisations, the CI/CD process is embedded within the collaboration tools that they use every day, like Slack, Teams and Discord. From a group channel, they can use chat bots to trigger processes (like builds and deployments) and also to receive updates on the application status, any failures etc. This is the heart of ChatOps: the merging of collaborative chat groups with CI/CD tool sets.
Now obviously, every time that a new deployment is pushed, or every time that a test platform is built, there is an inherent risk that something may not work as intended. Unintentional functionality may be enabled in a new version of a dependency or service. And scripts may fail, leaving systems in a state of partial configuration.
By integrating attack surface management with ChatOps you can close that loop. So, when a test system is deployed (changing the attack surface) you can also get notifications sent straight to your ChatOps channels, and more than that, you can also trigger a vulnerability scan, or whatever else you would like. Which should mean that any failures are picked up proactively, not months from now, after an attacker does.
At scarlet, we think the tools you choose should be integrating with the way your staff already work, not the other way around. Because at the end of the day, who wants yet another monthly pie-chart to look at?
But don’t take our word for it, why not just give it a try? There’s a free, unrestricted trial available, and you only need an email address to register. You could literally be up and running, and seeing the value in ten minutes.