DFLabs Improves SOAR with Open Integration Framework

DFLabs has just released a new version of its IncMan SOAR (Security Orchestration Automation and Response) platform on Nov. 7, providing organizations with a new open model for enabling integration with security tools.

The IncMan SOAR 4.5 release has a new open integration framework, and this makes it easier for organizations to connect disparate security tools for a more seamless security remediation workflow. The new DFLabs update also improves the START Triage module, that can help limit false positives and reduce the number of alerts that generate incidents that need to be remediated.

“The new open integration framework is really designed to change the way that we at DFLabs, develop our integrations with third party products, but also change the way that customers can interact with them,” John Moran, Senior Product Manager at DFLabs told eWEEK.

Read the entire article here.

Weighing Pros and Cons of DIY Versus Outsourced Incident Response

Nowadays, the growing security orchestration, automation and response (SOAR) market, although relatively new (the term was coined several years ago), has many vendors offering solutions that IT departments can choose to customize in-house, or buy as services from managed security service providers (MSSPs).

Gartner defines SOAR as “technologies that enable organizations to collect security threats data and alerts from different sources, where incident analysis and triage can be performed leveraging a combination of human and machine power to help define, prioritize and drive standardized incident response activities according to a standard workflow.”

Using SOAR, organizations are able to implement machine-driven incident analysis and response procedure workflows to automate repetitive security tasks until (and if) human intervention is required.

Read the entire article here.

How SOAR Technologies Force Multiply Your IR Assets

Mike Fowler, CISSP, DFLabs’ Vice President of Professional Services, appeared on Episode #54 of Task Force 7 Radio on Monday, October 29, to discuss how Security Orchestration, Automation, and Response Technologies can force multiply the Incident Response capabilities of organizations and companies.

If you want to know how SOAR technologies can strengthen your company’s crisis management capabilities and whether or not you can expedite the implementation of SOAR into your infrastructure, listen to Episode #54 of Task Force 7 Radio here.

Four Most Common Deficiencies of SOCs

For most of the time, areas that rankle SANS survey respondents the most about SOCs can be addressed with the right combination of planning, policies, and procedures.

The SANS Institute pinpointed the four most common SOC deficiencies in this year’s edition of its annual security operation center (SOC) survey.

The core of these deficiencies can be traced to a familiar source: people, processes, and proper planning and implementation of technology. Let’s take a look at the worst four and what security teams can do about them.

1. Automation/Orchestration

Most SOCs fall back in automation and orchestration because the SOC team is not aware of the processes that should be automated. Company employees are its first line of defense. Start by interviewing SOC personnel to understand their responsibilities and identify repeatable processes, such as evidence gathering during an incident (IP/URL reputation, information, etc.) that are time consuming and easily automated.

 

Read the entire article here.

DFLabs Named as Finalist for American Security Today Astor Award

We are delighted to be recognized as a finalist in the 2018 ‘ASTORS’ Homeland Security Awards for the Best Security Orchestration, Automation and Response (SOAR) solution and we look forward to the winners being announced on the 14th November.

Read more about this award here.

DFLabs Featured In Data Bridge Market Research Latest Report

DFLabs has been featured in the latest report of Data Bridge Market Research. Their reports are a proven source of valuable information on the current market trends, status, and opportunities. Statistics are represented in a graphical format for better understanding of figures and facts. Numerical data is supported by statistical tools such as SWOT analysis, Porter’s Five Forces Analysis and others.

Readers will find this report very helpful for better understanding of the security orchestration market. Moreover, this report offers reviews of key players, major collaborations, merger & acquisitions along with trending innovation and business policies. Some of the major countries covered in this report are U.S., Canada, Germany, France, U.K., Netherlands, Switzerland, Turkey, Russia, China, India, South Korea, Japan, Australia, Singapore, Saudi Arabia, South Africa, and Brazil among others.

For more details, read here.

DFLabs Featured in the Latest IT Digital Security’s Whitepaper

DFLabs’ CEO, Dario Forte, recently discussed the benefits of lncMan SOAR in detail for IT Digital Security’s latest whitepaper. Explaining the core functions that Security Orchestration, Automation and Response (SOAR) solutions should provide, he added that the main challenge a company faces when adopting a SOAR solution is having a knowledgeable security team in place.

Moreover, when asked what drives companies to adopt a SOAR solution, he states: “To help them detect, respond to, contain and remediate cyber security incidents with fewer human resources, which are scarce and expensive, by automating analysis and decision-making processes using machine learning software.”

The white paper was originally published by IT Digital Security in Spanish. SOAR is featured on pages 55-65. You can read it here.

 

 

 

 

What IR Challenges Do IncMan SOAR + Cb Response Solve?

Our Senior Product Manager, John Moran, explains in detail the IR challenges IncMana SOAR and Cb Response solve.

In his expert opinion, as a former incident response consultant who utilized Cb Response on dozens of complex incident response engagements, he believes Cb Response is one of the most effective endpoint solutions when it comes to detecting, investigating and responding to advanced threats.

Read about the rest of the challenges that the integration between DFLabs Incman SOAR and Cb Response solve here.

 

DFLabs’ Investor Evolution Equity Partners Adds Cisco’s Former Head of Cybersecurity Acquisitions and Investments to Its Team

Evolution Equity Partners has announced that Karthik Subramanian, former Head of Cybersecurity Acquisitions and Investments at Cisco has joined the firm as a partner and will now lead the investments in cybersecurity, enterprise software, IoT, cloud, and analytics. Evolution Equity Partners is based in New York City, USA, and Zurich, Switzerland and invests in fast-growing technology companies,  focusing on Cybersecurity and Enterprise Software. Current and past portfolio companies include AVG Technologies (NYSE: AVG), Cognitive Security, OpenDNS, Carbon Black, Onapsis, Security Scorecard, DFLabs, Fortscale, LogPoint, Eperi, Panaseer among others.

This Press Release was originally published on Business Wire. Read the full Press Release here.

Variations in State Data Breach Disclosure Laws Complicate Compliance

In the constantly evolving security regulatory landscape,  the new data breach notification laws are not so good news for businesses who are already struggling to stay on top of it. These new laws, for companies, mean increased workloads and increased expenses. GDPR applies to all companies who are operating in Europe and all business with a website or an app that processes data of EU citizens. Failure to comply with the GDPR could result in substantial fines: up to €20 million or 4 percent of a company’s global revenue, whichever is higher.

Even though there are many elements involved in meeting data breach disclosure requirements, incident response plays a central role. Incident Response consists out of pre-breach planning and post-breach action, both of which can help organizations to prevent and detect breaches, comply with the data breach disclosure regulations, notify the stakeholders within appropriate timeframes, and take sufficient measures.

With the right processes, procedures and the right technology in place, incident response is key in order to understand, remediate and communicate the details of a data breach. Being able to find out and understand what exactly happened, what data was impacted and how is the first and the most important step in being able to meet disclosure law requirements and comply with tight notification deadlines.

This article was originally published on Infosec Island. Read the entire article here.