Skip to main content

SailPoint IdentityNow

SailPoint IdentityNow content pack enables XSOAR customers to utilize the deep, enriched contextual data in the SailPoint IdentityNow platform to better drive identity-aware security practices.

SailPoint IdentityNow

Overview

Digital transformation has opened up opportunities for greater agility and growth in today’s modern enterprises. But it’s also introducing challenges. Digital transformation has introduced an explosion of cloud, applications, data, and users to manage. Being able to effectively control ‘who can have access to what’ is the key and if not done properly can lead to potential risk to your business.

To address this potential risk, organizations are embracing the power and ease of SailPoint Identity Security. This innovative identity platform takes the complexity out of identity; making it intuitive for IT staff to configure and manage and enabling business users with the access they need to get their work done.

The SailPoint IdentityNow content pack enables XSOAR customers to utilize the deep, enriched contextual data and governance capabilities of the SailPoint Identity Security to better drive identity-aware security practices.

Requirements

This content pack is compatibility with SailPoint IdentityNow.

Important Note

This integration pack does not fetch incidents from IdentityNow. It rather utilizes "Generic Webhook" to create incidents on event triggers published by IdentityNow. One can achieve this by following the steps below:

  1. Configure Cortex XSOAR Platform - Use the following link to configure Cortex XSOAR platform to initiate receiving of Event Triggers from IdentityNow platform.
  1. Enable & Configure the Event Handler - IdentityNow Event Trigger can forward the events occurring within the platform to any external services/platform that have subscribed to the list of triggers available in IdentityNow. Request the IdentityNow team to enable/provide you with the 'identitynow-events-pan-xsoar' event handler designed for Cortex XSOAR. This is a standalone .nodejs microservice that assists with event trigger transform and relaying to Cortex XSOAR.
    Following is a list of environment variables (added to the app.config.js) needed to configure this microservice:
Environment Variable Description
XSOAR_WEBHOOK_URL This is the webhook URL that will be available once you configure the "Generic Webhook" in step 1.
XSOAR_USERNAME Username to connect to the "Generic Webhook".
XSOAR_PASSWORD Password to connect to the "Generic Webhook".
  1. Configure IdentityNow Platform - Use the following link to configure IdentityNow platform to subscribe to event triggers.

Once you have configured all the above steps, whenever an event trigger will occur in IdentityNow, it will notify Cortex XSOAR (as Incidents) using the above setup.

PUBLISHER

SailPoint

INFO

CertificationRead more
Supported ByPartner
CreatedMarch 22, 2021
Last ReleaseDecember 21, 2021
ComplianceAccessIdentity And Access ManagementIncident Response
WORKS WITH THE FOLLOWING INTEGRATIONS:

DISCLAIMER
Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.