ICDx is a platform that enables enterprises to collect, aggregate, normalize, correlate and analyze alerts and events both from Symantec and third-party security tools deployed across their infrastructure.
- Platform plays are largely the preserve of major players in the security industry with a broad portfolio of tools and a large customer base.
Features and Benefits
- Explains the purpose of platform plays, what benefits they should bring to customers, and how they will favor the prospects of the companies developing them.
- Describes how Symantec's ICDx platform works.
Key questions answered
- What is the purpose of an API for a platform play?
- Does ICDx already have a partner ecosystem?
Table of contents
Recommendations for enterprises
Recommendations for vendors
Platforms address infrastructure heterogeneity
Silos of discrete security tooling are now commonplace
Platforms address the challenge of silos
Platforms coexist with SIEMs or could replace them
ICDx began as a nexus for Symantec products
Blue Coat’s partner list boosted the platform initiative
APIs enable heterogeneous reporting into platforms
ICDx now supports heterogeneous environments
A partner ecosystem enables third-party integrations with ICDx
ICDx includes Events, Actions, and Threat Intelligence pillars