Duo   API Connector

Qualys API Connector

Multi-factor authentication from Cisco's Duo protects your applications by using a second source of validation, like a phone or token, to verify user identity before granting access. Duo is engineered to provide a simple, streamlined login experience for every user and application, and as a cloud-based solution, it integrates easily with your existing technology.

Track your Duo MFA data in Stratiam and surface insights alongside other data-sets.

Duo API Connector

Example widgets from the Duo MFA data-suite...

Active Directory Connector
0

Total Users

Track the number of devices in your Duo setup.

Monitor this alongside total devices in your IT Infrastructure using Stratiam then cross-correlate these against other security protection signals, for example Cylance, Cybereason and Breach Aware.

Active Directory Inactive Users
0

Bypass Users

This is the count of authentications in which the authentication has been skipped for a user in bypass mode.

Active Directory Admins
0

Authentications

This is the count of authentications completed using Duo Security's two-factor authentication service.

Denied Authentications
0

Denied Authentications

Denied Authenticaion relates to access being denied to users not enrolled in Duo. Users must be enrolled before attempting authentication, by using one of the automatic enrollment options, bulk self-enrollment, or manual enrollment by a Duo administrator.

High Denied Authentication attempts can suggest a possible active attacks on your IT security and are so worth monitoring in Stratiam.

0

Operating Systems.

Recently, Duo observed a decline in overall ransomware attacks, an increase in malicious coinminers, and a marked evolution of popular threats like Emotet. Overall Malware attacks rose by 10% as attackers continued to hone their tools, skills, and tactics to threaten Windows, macOS, and various IoT platforms.

Carefully monitor these, and others, within Stratiam to add value to your overall IT Security strategy.


Example chart types from the Duo MFA data-suite...

Chart types are an enhancement beyond what would be available in the native Duo platform and are an example Stratiam value-added features. Actual platform visualisations may differ to what is demonstrated in the concepts below. All charts have linked drill-paths for further data-exploration.

Total Authentications, Success Authentications & Denied Authentications

Monitor authentications by type over time. Example shows ficticious data for the last 30 days.



Active / Inactive Users

Monitor volumes of inactive, active and total users by MFA authentications.



Exploring Threats

Explore threats in Cylance alongside their Active Directory setup. Then use the combined signals from both to cross-correlate and surface completely unique views.




Connecting to Duo via our API connector is easy, you simply need to request a trial, after which we'll help set you up with your API credentials, select visualisation types and relevant permissions to get started. If you have other data-services you are interested in connecting to, we'd recommend checking out our other data-connectors.