3rd Party Integrations for Dispel Zero Trust Engine

Dispel.com is a cybersecurity company offering a zero-trust platform for secure remote access to operational technology (OT), IT, and cyber-physical systems (CPS). Their platform focuses on protecting critical infrastructure by ensuring secure access for remote users and devices, integrating features like identity and access management, moving target defense, and OT DMZ unification.

As Technical Product Manager at Dispel, I recognized that our customers needed to consolidate their network security data from multiple sources into a single, manageable interface. Our platform users were switching between various tools, including Nozomi, Tenable, and Claroty, for network analysis, while also managing separate SIEM systems such as Splunk, SentinelOne, and Datadog.

My responsibility was to define and implement a comprehensive integration strategy that would bring third-party data into customized Dispel dashboards, while enabling our platform logs to feed into customers’ existing Security Information and Event Management (SIEM) solutions. These integrations needed to maintain FedRAMP High compliance standards and fit within our existing security architecture.

I began by mapping the data flows and integration points needed for each third-party tool. For network analysis tools, I worked with engineering to design secure API interfaces that could pull data from Nozomi, Tenable, and Claroty. This required careful consideration of authentication methods, data encryption, and rate limiting to protect both our platform and our customers’ networks.

The dashboard design phase started with user interviews to understand how administrators used these tools in their daily workflows. Using Figma, I created wireframes for customizable dashboards that would display network analysis data alongside Dispel’s native security information. The design enabled administrators to configure their views according to their specific needs, ranging from high-level network health metrics to detailed asset inventories.

For SIEM integration, I defined the log export specifications that would allow our platform data to integrate seamlessly with Splunk, SentinelOne, and Datadog. This involved creating standardized log formats that would work across various SIEM platforms while maintaining the level of detail required for security analysis. I wrote technical specifications for log transformation pipelines that would convert our internal log formats to each SIEM’s required structure.

Security was paramount throughout the integration process. I created detailed technical requirements that ensured all data transfers complied with FedRAMP High standards. This included implementing end-to-end encryption, secure API endpoints, and robust authentication mechanisms. Each integration point was designed with failure scenarios in mind, ensuring that integration issues would never compromise security.

I wrote comprehensive user stories in Jira that broke down the integration features into manageable development tasks, allowing for clear and concise planning. Each story included specific security requirements, acceptance criteria, and testing scenarios. For example, one story focused on implementing API rate limiting and anomaly detection to prevent potential security breaches through the integration points.

Working with our business team, I developed a prioritization framework for the integrations based on customer demand and technical complexity. We decided to roll out Splunk integration first, followed by Nozomi and Tenable, as this approach aligned with the needs and technical readiness of our largest customers.

Throughout the development cycle, I coordinated closely with engineering teams to ensure proper implementation. This included regular security reviews, performance testing, and validation of error handling scenarios. I also established monitoring requirements to ensure we could quickly detect and respond to any integration issues.

The integration project delivered substantial benefits to our platform and customers. Admin efficiency improved markedly, with users reporting a 65% reduction in time spent switching between security tools. The customizable dashboards became a key selling point for new customers, particularly in the industrial security sector where Nozomi and Claroty integrations were crucial.

SIEM integration capabilities led to three major enterprise contract wins, as customers could now incorporate Dispel’s security data into their existing security operations centers. The standardized approach to integrations also reduced our implementation time for new third-party tools by 40%.

The project strengthened our FedRAMP High compliance position by implementing robust security controls around all integration points. Our security architecture improvements served as a template for future integrations, enabling us to add new third-party tools more efficiently while maintaining our security standards.

This experience demonstrated my ability to manage complex technical integrations while balancing security requirements, user needs, and business objectives. The success of these integrations enhanced Dispel’s market position as a flexible, enterprise-ready security platform that works seamlessly with customers’ existing security investments.