Automate. Orchestrate. Measure.
IncMan SOAR is the pioneering Security Orchestration, Automation & Response platform to automate, orchestrate and measure CSIRT’s and SOC’s
WHAT WE DO
DFLabs IncMan Security Automation and Orchestration platform enables you to automate, orchestrate and measure security operations and incident response processes and tasks
Minimize resolution time by 90%
Maximize analyst efficiency by 80%
Increase handled incidents by 300%
Supervised Active Intelligence TM driven by Machine Learning
DFLabs R3 Rapid Response Runbooks fully automate the triage, investigation and containment of incidents using conditional actions and 99+ included automation actions that allow workflows to execute a variety of data enrichment, notification, containment and custom actions based on complex, stateful and logical decision making.
Our patent-pending Automated Responder Knowledge (ARK) module applies machine learning to historical responses to threats, and recommends relevant playbooks and paths of action to manage and mitigate them.
Cyber Incidents under Control TM
DFLabs IncMan drives intelligence-driven command and control of your security operations. Orchestrate the full incident response and investigation life cycle for your SOC and CSIRT. Empower security analysts, forensic investigators and incident responders to respond to, track, predict and visualise cyber security incidents. Enable security managers and CISO’s to manage and measure operational performance and cyber risk.
Apply linear or conditional playbooks that support complex, stateful and conditional logical decision making combining manual and automated actions, with 100+ included playbook templates.
Aggregate, correlate and analyze data from hundreds of leading 3rd party security and threat intelligence sources with 35+ certified bidirectional connectors and a restful API for custom integrations.
Maintain and transfer expertise with machine-learning driven Automated Responder Knowledge (ARK). Manage incidents across stakeholders collaboratively and securely.
Full Incident Phase Management
Measure, benchmark and optimise Security Operations and Incident Response activities and performance with 140+ KPI’s and reports. Role-based dashboards and customizable widgets produce real-time situational awareness of the state of your security operations and risk exposure. Measure every individual phase of the IR workflow. Visualise and analyse threats.
DFLabs Research Resources
Insights, Best Practices and News
Key Performance Indicators (KPIs) for Security Operations and Incident Response
Learn why KPIs are so important, how many KPIs are appropriate and how to choose the best KPIs for a given organization in this new whitepaper by John Moran.
Webinar: Increasing the Effectiveness of Incident Management
Join our new webinar and get the chance to learn more about the crucial steps when implementing Incident Management System into your current Incident Response Processes.
DFLabs IncMan Product Overview Webinar - February 6th 2018
Join our live webinar providing an overview of DFLabs IncMan and learn how we can help to automate, orchestrate and measure your incident response and security operations.
Increasing the Effectiveness of Incident Management
Proper Incident Management is the foundation upon which a successful Incident Response program should be based. Learn why Incident Management must not be overlooked in the new whitepaper by John Moran.
IncMan supports hundreds of 3rd party security technologies via QIC, API, CEF, Syslog, and Email with a constantly growing list of certified bidirectional integrations.