DFLabs / 28 Aug 2018

DFLabs to Reveal Best Practices for “Live Box” Forensics at SANS Threat Hunting and IR Summit

DFLabs' Senior Product Manager and an expert in security operations, incident response, digital forensics and investigations John Moran, will present best practices for using “live box” forensics at the upcoming SANS Threat Hunting and Incident Response Summit in New Orleans on September 7, 2018.As organizations experience an increase in complex cyber threats and advanced attack techniques, such as the use of file-less malware, security operations personnel are turning to the use of “live box” forensics in threat hunting, despite its perceived risks and pitfalls. With this in mind, John will detail the Dos and Don’ts when conducting “live box” forensics for threat hunting and provide a best practices framework for incident response teams. Moreover, he will use a newly released free Windows tool that automates data acquisition to demonstrate “live box” techniques.Learn more about the Summit here.You can read the full article hereRead article

READ ARTICLE

DFLabs / 02 Aug 2018

DFLabs Transforms Security Operations with Automated Triage for Incident Response

DFLabs SOAR has released a new version of the IncMan SOAR platform that uses automated event triage which will help to significantly reduce the number of cyber security incidents generated from alerts. This capability, first of its kind, called START (Simple Triage And Rapid Treatment) Triage, is being used by a major European bank to eliminate manual first line assessment of suspected fraudulent online transactions. In addition, this new version of IncMan SOAR includes even more enhancements including several new bidirectional integrations from a variety of product categories including SIEM, network defense, endpoint protection and threat intelligence, that expand its orchestration and automation capabilities even further.“Not every alert deserves to become and be processed as a security incident, yet that is how SOAR products currently operate. The new release of IncMan SOAR is breaking this cycle,” said Michele Zambelli, CTO of DFLabs. “By applying our automation engine, enrichment and containment capabilities to events using a triage process, we can dramatically reduce the number that are turned into incidents and placed into the queue for deeper assessment by IncMan and security analysts.”The new version 4.4 with triage of DFLabs IncMan SOAR Platform will be available immediately from DFLabs and its business partners worldwide.DFLabs will demonstrate the new version 4.4 of IncMan SOAR with triage at Black Hat booth #IC2329 on August 8-9, 2018 at Mandalay Bay in Las Vegas.You can read the full article hereRead article

READ ARTICLE

DFLabs / 23 Jul 2018

DFLabs to Discuss How Orchestration Can Facilitate Knowledge Transfer and Improve Incident Response at SANS SOC Summit 2018

DFLabs' Vice President of Professional Services, Mike Fowler will present a session on improving incident response capabilities and how to overcome the shortage of skilled security operations staff at the SANS Security Operations Center Summit on Monday, July 30, 2018 at 12 PM noon CDT.The shortage of skilled SOC personnel worldwide is only getting worse. With increasing workloads, inexperienced security analysts need to be brought up to speed quickly so they can contribute effectively to SOC Operations. In this session, “Leveraging Orchestration to Facilitate Knowledge Transfer in Security Operations,” Mike Fowler will present a framework that combines a traditional and new knowledge transfer techniques with the help of orchestration to enable under-resourced SOCs to achieve new levels incident response efficiency and productivity.You can read the full article hereRead article

READ ARTICLE

DFLabs / 09 Jul 2018

451 Research Report Says DFLabs Provides MSSPs a Holistic View of Customer Threats and Accelerates Responses to Them

DFLabs' IncMan security, orchestration, automation and response (SOAR) platform has been cited for the ability to increase revenues, lower operational costs and deliver more value to MSSPs in the new 451 Research Report. According to the 451 Research report, DFLabs provides MSSPs with a broad set of capabilities to streamline and scale operations, improve effectiveness and efficiency and create new revenue streams. The 451 Research Impact Report, “DFLabs brings security automation and orchestration to MSSPs,” was published on June 5 and can be downloaded here. “MSSPs need advanced capabilities to manage, measure and maximize the effectiveness and efficiency of their operations, and aggregate analyst knowledge. But they lack the resources to build these on their own,” said Aaron Sherrill, Senior Analyst at 451 Research. “With support for granular risk factors, machine learning, semi to full automation, incident triage, playbooks and built-in integrations to over 100 cybersecurity tools, DFLabs provides MSSPs a holistic SOAR platform that accelerates responses to threats facing their customers.” You can read the full article here Read article

READ ARTICLE

DFLabs / 28 Jun 2018

LogPoint and DFLabs Join Forces to Provide Rapid Detection and Response of Cyber Incidents

DFLabs, the pioneer in Security Orchestration, Automation and Response (SOAR) technology has joined forces with LogPoint, the next generation SIEM and Big Data Analytics company to provide rapid detection and faster remediation of security incidents. The combination of DFLabs' IncMan Security Orchestration, Automation and Response and LogPoint SIEM provides end-to-end visibility to neutralize cyber threats.“The deep integration of the LogPoint SIEM with DFLabs IncMan combines the power of each solution to create a more robust, efficient and responsive security program,” said Dario Forte, CEO, and Founder of DFLabs. “Together IncMan and LogPoint enable organizations to automate most of the work performed by security analysts, and accelerate incident detection and response actions from hours to seconds.”“With accelerated detection and response and the added benefit of utilizing playbooks and runbooks to formalize the response handling procedure, we will provide true operational value to our customers,” said Jesper Zerlang, CEO of LogPoint. “From a business value perspective, LogPoint and DFLabs are individually delivering the best feature to price ratio in the market, but even more so as a joint solution.”You can read the full article hereRead article

READ ARTICLE

DFLabs / 27 Jun 2018

DFLabs to Present Session on State of Security Orchestration, Automation and Response at NXTAsia 2018 Conference

DFLabs’ Vice President of Engineering, Andrea Fumagalli will present a session at NXTAsia Conference 2018 and will use real-world cases to explain how advances in machine learning are changing security operations and incident response.DFLabs will be exhibiting at the conference in booth #5H2-08. Visit DFLabs’ booth to see the latest from DFLabs and its IncMan SOAR platform.You can read the full article hereRead article

READ ARTICLE