• Home
  • Blog
  • Streamline Incident Response with Komodor and Squadcast

Streamline Incident Response with Komodor and Squadcast

With the growing popularity of Kubernetes as a container orchestration platform powering the microservices revolution, comes greater complexity with managing, monitoring, and responding to incidents at scale.  Challenges with real production environments include full visibility into your clusters and environment’s health, alongside real-time incident management and response.

This is why Komodor has partnered with Squadcast to provide modern engineering teams with the powerful tools to achieve 360º visibility and battle-tested incident management for their Kubernetes operations.

Cloud Security & Reliability Made Easy

Squadcast is an incident management platform that provides real-time alerts, collaboration tools, and incident response workflows to help teams respond quickly and effectively to incidents. Komodor addresses the challenge of comprehensive Kubernetes monitoring by providing real-time visibility into access control, resource usage, and network traffic, alongside real-time threat detection and response capabilities, helping security teams respond to incidents more quickly.

Through Squadcast’s real-time alerts, incident prioritization, and automated escalation and notification capabilities, coupled with Komodor’s real-time visibility into Kubernetes environments––it is now possible to gain proper comprehensive monitoring and make the right incident management decisions in high-pressure times like incident response.

The two platforms work together seamlessly to help security teams detect and respond to security incidents more rapidly.

Benefits of the Partnership

The partnership between Squadcast and Komodor offers several benefits for K8s users by being natively integrated into each other’s dashboards.  Through this integration, you can add Komodor to your Squadcast dashboard as an alert source to start managing incidents in Squadcast based on a K8r alert detected by Komodor.  You can also add Squadcast into Komodor by creating a new Monitor by adding the webhook in the Komodor UI.

This native integration makes it possible to both open incidents and automatically close incidents in Squadcast based on Komodor alerting.  By using Komodor in conjunction with Squadcast, customers can enjoy faster detection and response times, improved collaboration between security teams, and a reduced risk of data breaches. This can help them improve their overall security posture, reduce the risks in their K8s clusters and environments, and reduce alert and dashboard fatigue.

Route detailed alerts from Komodor to the right users in Squadcast.

Using Komodor as an Alert Source

Navigate to Services -> Service Overview -> select or search for your Service. Expand the accordion -> In the Alert Sources section, click Add.

komodor-squadcast-integration

Select Komodor. Copy the displayed Webhook URL to configure it within Komodor. Finish by clicking Add Alert Source -> Done.

komodor-webhook-incident-response

Important: When an alert source turns Active, it’ll show up under Configured Alert Sources, you can either generate a test alert from the integration or wait for a real-time alert to be generated by the Alert Source. An Alert Source is active if there is a recorded incident via that Alert Source for the Service.

Create a Squadcast Webhook Alert in Komodor

(1) Login to Komodor. Navigate to the Monitors page, choose your desired cluster and specific monitor

(2) Now, On the Edit Role section, select Webhook as the notification definition. Click on Add New Webhook and put in the Name and paste the previously copied Squadcast Webhook URL in the Webhook URL placeholder. Then click on Save Monitor

komodor-monitor-configure

That’s it, you are good to go! Your Squadcast integration is now complete.

Whenever Komodor fires an alert, an incident will be created in Squadcast for it. Once Komodor sends a close alert, it will automatically be resolved in Squadcast as well.

Conclusion

Integrating Squadcast with Komodor offers a comprehensive solution for K8s monitoring and incident response. By combining the strengths of these two platforms, customers can enjoy real-time alerts, incident prioritization, and automated escalation and notification capabilities, as well as faster detection and response times, improved collaboration, and reduced risk of data breaches. We encourage readers to explore more about this integration by referring to the documentation provided by both companies. Proactive monitoring and incident management are critical for K8s security, and Squadcast and Komodor offer powerful tools to help you achieve these goals.