CAEP Hub is SGNL’s event-driven set of capabilities to connect all the systems within the modern enterprise. With SGNL Policy, you’re able to craft human-readable and understandable policies about who can access what data, systems, and services and with CAEP Hub, you’re able to compliment these policies with remedial actions when policy is non-compliant, anomalous behavior is detected, or you simply need to orchestrate actions on human and non-human identity.
CAP Hub has three primary components that enable event-driven remediation, Triggers, Rules, and Actions.
Triggers enable you to create watchers on the graph, looking for when changes occur that match, or no longer match a certain criteria that you’ve specified. An example trigger might be ‘When an Entra ID User has a Microsoft Defender Incident associated with them’.
Rules make use of those Triggers to then take action. Within a Rule you can choose whether you want any actions to fire when the trigger matches, or no longer matches. Taking the above example, you might create a Rule that matches when a User has a Defender Incident in order to add a number of Actions to revoke the users session across a range of SaaS and Internal Applications. You might create another Rule that looks to see when the Trigger no longer matches in order to send a notification to the SOC and/or conduct a set of re-enablement actions.
Finally, as detailed above, Actions are the individual tasks that are conducted in the CAEP Hub in order to perform updates, changes, notifications, and more in all of the systems connected to SGNL. We provide wide range of out of box actions, but also enable Custom Webhook actions that can be heavily customized to perform practically any action within your environment.
With these components together, SGNL provides a powerful platform to take identity-centric remediation across all of the systems in the modern enterprise, and provide the hub for a modern identity fabric.