DFLabs Unveils Machine Learning Powered First Responder Automation for Security Operations

DFLabs IncMan orchestrates the intelligence-driven SOC and CSIRT

BOSTON – ( BusinessWire  ) – DFLabs, the leader in Security Automation and Orchestration Technology, announced today the release of its new Playbook Recommendation and Intelligent Selection Mechanism (DF-PRISM), enhancing DFLabs security automation and orchestration with incorporated proprietary machine learning. The system uses patent-pending advanced methods and algorithms to detect operational intelligence such as security incident and resolution data to recommend playbooks and actions based on historical incident response activities. This approach minimizes the resources and time required to successfully analyze and respond to ongoing incidents while maximizing the effectiveness and efficiency of security teams.

At its core, DFLabs SAO enables security organizations to take a gradual “crawl, walk, run” path to developing effective processes for successfully responding to and managing threats as well as hardening security controls. Beginning with “Human Guided Learning” and evolving into “Human Supervised Learning”, users can create and apply simple, linear or conditional playbooks that combine manual, semi-automated and automated actions. Decision-making and conditional responses can be made manually by humans, automatically by machine, or a hybrid of the two – depending on the needs, requirements, and maturity of the organization.

Mature organizations can leverage the advanced Runbooks of DF-PRISM that support complex and stateful logical decision-making to enable an advanced and adaptive threat management program. Conditional responses that allow users to pursue a variety of alternative responses.

“In developing DF-PRISM, we have built a technology that enables users and the system to learn together and lets people determine their level of involvement in responding to and managing threats,” said Dario Forte, chief executive officer, and founder DFLabs. “Users get immediate value by tracking and responding to threats, then over time the system builds a knowledge base of responses that can be relied on to automatically manage the entire incident response process.”

According to recent research from Enterprise Strategy Group (ESG) entitled “Next Generation Cybersecurity Analytics and Operations Survey,” commissioned by DFLabs and other technology vendors, 92% of respondents have deployed, plan to deploy or are interested in deploying machine learning technology to support Automation and orchestration. The top drivers are accelerating incident detection (29%) and accelerating incident response (27%).

The research also found that 21% of respondents will deploy machine learning because they hope the technology can help maximize the productivity of their existing staff to compensate for their inability to hire enough new security operations personnel.

“Enterprises are finding it challenging to quickly respond to security incidents across a constantly growing attack surface and with limited resources, resulting in a large window of opportunity for attackers to execute the full kill chain and the potential for minor incidents to evolve into full-blown breaches , “Said Oliver Rochford, vice president of Product Marketing, DFLabs. “Augmenting analysts” smart eyeballs with machine learning will help organizations to reduce the time from breach discovery to containment, while also assisting in building, retaining and transferring institutional knowledge about past incidents and threats. ”

Innovative Threatscape Modeling

Leveraging machine learning, DF-PRISM constructs a model of the threatscape based on known and historical incidents, scoring and evaluating any incident based on unique and shared indicators and attributes and their relevance. The algorithms use this model to propose playbooks for similar or related threats. Threats known to the model are considered to have greater relevance, are scored more reliably, and are assigned a higher urgency and higher prioritization.

Key benefits include:

• Intelligence-guided false positive reduction
• Improves response time by up to 80%
• Automatically correlates and re-applies playbooks across Tenants in multi-user and MSSP environments

DF-PRISM is available immediately with version 4.2 of IncMan, which also includes:

• New Dual-Mode Playbook engines
• An advanced correlation engine
• An observable investigation view
• A unique set of features based on machine learning (ML) and supervised active intelligence to guide first responders
The current integration library is composed of over 100 different playbooks and connectors Can be customized by and shared between users without requiring scripting or coding.

About DFLabs

DFLabs – Cyber Incidents Under Control – is a recognized global leader in security automation and orchestration technology. The company is led by a management team recognized for its experience in and contributing to the information security field including the co-editing of many industry standards such as ISO 27043 and ISO 30121. Its flagship product, IncMan, has been adopted by Fortune 500 and Global 2000 organizations worldwide. DFLabs has operations in Europe, North America, and EMEA. For more information, visit  www.dflabs.com  or connect with us on Twitter @DFLabs.

This Press Release was originally published on  BusinessWire

DFLabs at Borderless Cyber USA in New York 2017

We invite you to visit us at Borderless Cyber USA 2017 in New York City on June 21-22, where our CEO Dario Forte and our VP of Professional Services Mike Fowler will show you how DFLabs IncMan – Security Automation and Orchestration Platform can help you to reduce your reaction time up to 80% with the help of Machine Learning and AI.

Borderless Cyber USA is a distinctive conference for cybersecurity stakeholders in the industries such as international business, financial services, healthcare, retail, manufacturing, utilities, international business, government, among other industries. This year the conference will focus on changing the economics of computer network defense, and the program will explore the ways to reduce costs for defenders and increase costs for attackers. C-level executives and directors of threat intelligence, incident response, risk, and audit will learn how to better evaluate and defend their cyber practices.

Our CEO Dario Forte will take part in the panel “A Threat Intelligence sharing reality-check: How standard interfaces (such as STIX and TAXII) can reduce costs and time”on June 21 from 13:00-14:15h. There you will get the unique chance to hear his expert views and insights on:

– Why threat intelligence sharing is still a somewhat contentious discussion
– What the cybersecurity community should be doing to enable solutions like STIX and TAXII to succeed
– What is inhibiting organizations from adoption of these solutions
– What cybersecurity vendors are doing to help the effort
– Why organizations should continue to believe in information sharing and how to disprove contrary theories
– And how to convert challenges into positive achievements.

We will be at table 4, so feel free to stop by and meet our CEO and VP of Professional Services to talk about the latest developments in cybersecurity.

Research Reveals Organizations Falling Behind in Cyber Security Analytics and Operations Despite Business Pressure to Improve

To Automate or Orchestrate? Enterprise Strategy Group survey calls for guidance and a shift toward accelerating Security Operations

BOSTON–(BUSINESS WIRE)–DFLabs, the leader in Security Automation and Orchestration Technology, announced today the release of new research from Enterprise Strategy Group (ESG), commissioned by DFLabs and other technology vendors, which shows that when it comes to the evolution of Cybersecurity Analytics and Operations, 71% of respondent organizations find it more difficult today than it was two years ago due to the changing threat landscape, followed by volume of alerts and increased regulatory changes.

“Despite businesses making it a priority, there is great confusion on how to make sense of and integrate Security Analytics and Operations. Most organizations are dealing with 10 to 25 technologies ranging from SIEMs, vulnerability assessment, endpoint detection, threat intelligence and user behavior to incident response. They are challenged with the total cost of operations and spending too much time on emergency issues,” said Jon Oltsik, Senior Principal Analyst, ESG.

This need for strategy and process improvements is why purchasing security operations tools designed to help organizations automate and orchestrate security operations processes was cited as the second highest priority respondent organizations will take over the next two years. The majority (90%) of respondent organizations are planning to deploy, or have somehow deployed, technologies designed for Automation and Orchestration.

The research also revealed that Automation is a higher priority (66%) than Orchestration (31%) – pointing to the need for a maturity model to guide security operations centers (SOCs) and cybersecurity professionals on their journey.

Added Oltsik, “There is a lot of hype but these are not turnkey solutions. Most organizations start by employing automation to the most time-consuming low-level tasks, such as integrating external with internal IOCs; whereas orchestration, such as building a run book, requires more thought and planning and attention. We found a great need for a ‘guided’ approach to full automation and orchestration and DFLabs is the only vendor today to do both.”

Finally, the survey found a shift in focus from threat detection to incident response. Eighty-six percent (86%) of respondent organizations are currently using or plan to use an incident response platform while 92% have deployed, plan to deploy or are interested in deploying Machine Learning technology to support Automation and Orchestration – with accelerating incident response as a top driver.

“This research validates our vision for Supervised Active Intelligence (SAI)™. By giving customers a path from machine-to-human to machine-to-machine operations, we gradually guide them on the maturity curve to full automation and orchestration – without losing the element of human control,” said Dario Forte, CEO, DFLabs. “Based upon an innovative machine learning and incident correlation engine, DFLabs offers a force multiplier solution that helps security operations and incident response teams quickly orchestrate the triage, containment, reporting, and remediation of data breaches and other cyber incidents.”

Surveying 412 IT professionals and cybersecurity professionals across a broad range of industry verticals, the multi-client research, titled “Next Generation Cybersecurity Analytics and Operations Survey,” seeks to better understand the evolution of the market including requirements, skills, challenges, and technology adoption plans.

Other key highlights include:

– Eighty-one percent (81%) strongly agree or agree that improving Security Analytics and Operations is a high priority
– 78% strongly agree or agree that they have a formal plan and funding to improve Security Analytics and Operations
– 72% strongly agree or agree that business management is pressuring the cybersecurity team to improve Security Analytics and Operations

– Eighty-two percent (82%) will increase spending in Security Analytics and Operations

In-depth data is also available upon request on the topics of staffing, security operations centers (SOC), managed security services, security data collection, threat intelligence, and technology integration.

To request a copy of the research please visit: https://goo.gl/UGM8oY

About DFLabs

DFLabs is a recognized global leader in Security Automation and Orchestration. The company is led by a management team recognized for its experience in and contributions to the information security field including co-edited many industry standards such as ISO 27043 and ISO 30121. IncMan – Cyber Incidents Under Control – is the flagship product, adopted by Fortune 500 and Global 2000 organizations worldwide. DFLabs has operations in North America, Europe, Middle East, and Asia with US headquarters in Boston, MA and World headquarters in Milan, Italy. For more information visit: http://www.dflabs.com or connect with us on Twitter @DFLabs.

Contacts
Kesselring Communications
Leslie Kesselring, 503-358-1012
[email protected]

DFLabs Launches the First Security Automation and Orchestration Platform Based Upon Supervised Active Intelligence™

IncMan 4.0, DFLabs’ flagship platform, to help cybersecurity operations and incident response teams tackle automation challenges with machine learning

Boston – February 7, 2017 – DFLabs, the leader in Security Automation and Orchestration Technology, announced today the launch of a landmark release of its flagship platform, IncMan 4.0. Based upon an innovative machine learning and incident correlation engine DFLabs offers a force multiplier solution that helps security operations and incident response teams quickly orchestrate the triage, containment, reporting, and remediation of data breaches and other cyber incidents while gradually guiding them on the maturity path to full automation.

The pace of cyber attacks combined with data breach and privacy regulations are making security operations platforms mandatory for organizations of all sizes. DFLabs has conducted months of discussions with dozens of Fortune 1000 CISOs showing that taking the “human” completely out of security automation may be dangerous. Significant concerns with making a sudden switch to fully unattended automation include complex issues such as “Trust on Input,” e.g. If the input data is incorrect, the output could cause even more damage to the business than the incident itself and “Proof of Evidence,” e.g. An unattended full automation response computer can not be a case for a compliance violation and can leave CISOs exposed to avoidable and excessive legal liability.

With IncMan 4.0, DFLabs delivers on its vision for Supervised Active Intelligence™ (SAI) driven by the industry’s first Dual Mode Playbooks (Machine-to-Human and/or Machine-to-Machine). IncMan includes hundreds of playbooks – based on U.S. and UE international industry regulations (including GDPR), standards and best practices. These playbooks are automatically assigned and dynamically applied to an incident to provide the Security Operations Center (SOC) and Incident Response (IR) teams full control of the situation until they are ready for the next step, at which point the machine learning algorithm takes over the process and brings the organization to the next level of automation.

“Progress of enterprise security organizations towards orchestration spanning multiple functional teams is advanced in part by deep, console-based platforms,” said Dan Cummins, Senior Analyst Security, 451 Research. “SOC product buyers should focus not only on acquiring programmable, process-centric expertise of current practitioners but also on establishing an agile foundation to meet future cyber security risks as well.”

IncMan 4.0 is also the only solution available with an innovative Knowledge Base that reduces the amount of time spent on the lifecycle of an incident. The Knowledge Base is managed and updated by the DFlabs dedicated research team and includes threat catalogs, frameworks, standards, regulations and more. Incident response orchestration can be enhanced with actionable intelligence to provide effective direction in assisting the SOC and IR teams in creating and executing a response plan as well as for conducting risk analysis and demonstrating compliance with state, federal and international breach regulations.

A complete and thorough orchestrated incident response plan utilizing IncMan 4.0 has shown to save many organizations significant time in mitigating security issues, resulting in up to 80% reduction in reaction time.

“CISO’s are under heavy scrutiny and pressure to adopt the latest innovation in security automation, yet they are not ready to suddenly and irreversibly replace humans with technology. They must have the ability for their security teams to supervise the intelligent role of the machine – at least at the beginning of their journey,” said Dario Forte, Founder and CEO, DFLabs and internationally recognized ISO standards expert. “This is the basis for the design and development of our Supervised Active Intelligence paradigm that we believe is the only effective path to full automation.”

IncMan 4.0 offers a single, transparent “pane of glass” through which organizations can automate and orchestrate their entire security operations. It is an out-of-the-box platform featuring an intuitive interface and workflow combined with flexible use cases and reporting to meet the needs of any industry. Triage, Containment and Remediation operations can be navigated through the configurable, role-based dashboard. In addition to the Dual Mode Playbooks and Knowledge Base, other innovative features include:

• Integration Ecosystem: Any data source can be easily consumed and IncMan 4.0 features native integrations with the entire cybersecurity ecosystem of data sources to “connect all the dots” within the security operations and incident response process from end-point detection and response and malware analysis to threat intelligence services, through support for STIX and TAXII OpenIOC, and IODEF, as well as integration with commercial threat intelligence, feeds.
• Correlation Visualization Engine: Visualizing the correlation between incidents and artifacts allows analysts to promptly apply industry recognized response and mitigation actions.
• Threat Intelligence Sharing: This correlation capability also ensures that both corporate and government data security organizations can effectively and bi-directionally share new threat intelligence and after action reports.

“Automation and machine learning are in strong demand in InfoSec. On the other hand, we should not forget that Machine Learning and Artifical Intelligence are still relatively new to get applied in businesses. Model design is crucial to consider social factors, human judgment on values, and sensitivity for possible bias. That’s why a guided path to full automation could be advisable, especially for critical applications such as security operations,” said Dr. Anastassia Lauterbach, Advisory Board Member of DFlabs.

Demo and trial of IncMan 4.0 are available immediately. DFLabs Professional Services Team is also available for Breach Readiness and IR Plans to help organizations achieve the appropriate plan, whether it’s guiding security teams through the process or augmenting their internal team.

About DFLabs
DFLabs is a recognized global leader in cyber incident response automation and orchestration. The company is led by a management team recognized for its experience in and contributions to the information security field including co-edited many industry standards such as ISO 27043 and ISO 30121. IncMan – Cyber Incidents Under Control – is the flagship product, adopted by Fortune 500 and Global 2000 organizations worldwide. DFLabs has operations in North America, Europe, Middle East, and Asia with US headquarters in Boston, MA and World headquarters in Milano, Italy. For more information visit: http://www.dflabs.coms! or connect with us on Twitter @DFLabs.

###

Media contacts:
Leslie Kesselring, Kesselring Communications
503-358-1012
[email protected]

DFLabs Integrates with Carbon Black for Comprehensive Cyber Incident Response Automation and Orchestration

Boston – January 10, 2017DFLabs, the global leader in cyber incident response automation and orchestration, announced today its integration with Carbon Black, the leader in next-generation endpoint security, to provide a fully integrated solution for cyber incident response.

The native integration combines DFLabs’ IncMan cyber incident response automation and orchestration platform with Carbon Black’s Cb Response to give users advanced visibility into cyber incidents to speed the investigation, prioritization, and response to incidents in one single orchestration report while improving the management of threats.

This development represents another milestone in DFLabs’ comprehensive integration partnership portfolio with security data sources to “connect all the dots” with in the incident response process – from SIEMs to end-point detection and response, email notification, malware analysis and threat intelligence services. Through this single, transparent pane of glass customers can easily gain actionable intelligence and automatically share bi-directional data with their communities while retaining critical control and evidence through human supervision of the process.

“Driven by the demand of our high-profile F500 customers, the combination of DFLabs and Carbon Black is a powerful solution for our customers, enabling them to seamlessly triage and remediate cyber attacks. To stay ahead of the threat, collaboration is critical, and this important partnership further demonstrates our rapid technology advancements, vision for Supervised Active Intelligence™, and commitment to helping CISOs around the world get their cyber incidents under control,” said Dario Forte, Founder, and CEO of DFLabs.

”Responding quickly to today’s advanced threats is vital for businesses to keep their critical data safe,” said Tom Barsi, Carbon Black’s senior vice president of business development. “Through this integration, DFLabs and Carbon Black are empowering security teams to remediate cyber attacks faster and more conclusively than ever before.”

IncMan integrates with a multitude of sources for alerts, including but not limiting to SIEM, ticketing systems, Threat Intelligence communities, and any external application that can invoke IncMan API’s. Additionally, Syslog alerts and emails can automatically trigger the creation of an incident, alerting and notifying the most appropriate team on their mobile phone, and assigning the most efficient playbooks (i.e. workflows) to provide a timely automated response. IncMan also represents a centralized repository for case management and advanced analytics or customized personal dashboards as well as features a smart KPI engine helps the user to promptly answer inquiries from executive management.

Active data breach and privacy regulations are making incident response platforms mandatory. DFLabs is the first mover in fast growing categories of Security Operations, Analytics and Reporting (SOAR) and Security Incident Response Platforms (SIRP). DFLabs is recognized for its unique approach to automation that provides a highly customizable solution that meets the specific needs of any industry while joining automation and human resources so that the enterprises can improve security.

Cb Response is the market-leading incident response and threat hunting solution. Only Cb Response continuously records and centralizes all endpoint activity, giving Incident Responders, SOC analysts, and MSSPs the complete, real-time information they need to understand exactly how attackers are targeting their organization so they can identify the root cause, hunt anomalous behavior, and isolate threats. With Cb Response, organizations can streamline alert validation, accelerate investigations, reduce dwell time, eliminate unnecessary reimaging, and limit IT involvement in the security life cycle process.

About DFLabs
DFLabs is a recognized global leader in cyber incident response automation and orchestration. The company is led by a management team recognized for its experience in and contributions to the information security field including co-edited many industry standards such as ISO 27043 and ISO 30121. IncMan – Cyber Incidents Under Control – is the flagship product, adopted by Fortune 500 and Global 2000 organizations worldwide. DFLabs has operations in North America, Europe, Middle East, and Asia with US headquarters in Boston, MA and World headquarters in Milano, Italy. For more information visit: http://www.dflabs.com or connect with us on Twitter @DFLabs.

###

Media contacts:
Leslie Kesselring, Kesselring Communications
503-358-1012
[email protected]

DFLabs Presents on “Standardizing and Automating Incident Response and SOC” at RSA Conference 2016 Abu Dhabi

DFLabs CEO to discuss the Supervised Active Intelligence™ paradigm

Boston – November 14, 2016DFLabs, the global leader in cyber incident response automation and orchestration, announced today its CEO and ISO Co-Editor Dario Forte will present on “Standardizing and Automating Incident Response and SOC: State of the Art” at RSA Conference 2016 Abu Dhabi held November 15-16 at the Emirates Palace. DFLabs will also discuss the Supervised Active Intelligence™ paradigm and will illustrate how playbooks dedicated to breach notification, response and compliance activities can be tailored to the Cooperation Council for the Arab States of the Gulf (GCC) and international upcoming regulatory environment.

DFLabs CEO will also meet local CISOs to preview one of the largest data sets on the market, the IncMan RP playbook, a unique new module of the company’s cyber incident response automation and orchestration platform, IncMan. The playbook set is based upon regulations and industry standards and gives customers immediate access to a large number of pre-built incident and data breach response actions to follow. Providing the most playbooks available today to handle the entire breach response process – from technical to operational and legal – it is divided into state/federal, industry sector and type of incident/breach segments and works with both human and machine based processes.

Active data breach and privacy regulations are making incident response platforms mandatory. DFLabs is the first mover in fast growing categories of Security Operations, Analytics and Reporting (SOAR) and Security Incident Response Platforms (SIRP).

“DFLabs has a strong presence in the GCC region, including the United Emirates. We are proud to participate at this high-profile RSA event to share an important overview of the state of the art of automation and orchestration for cyber incident response and global standards as well preview our unique playbook and vision for supervised active intelligence,” said Dario Forte, Founder, and CEO of DFLabs.

In his RSA Conference session on Wednesday, November 16th from 14:20 pm- 15:10 hrs, Forte will cover how in the past two years, five standards have been published with the purpose of supporting Cybersecurity Operations and Incident Response, along with new automated technology platforms. As one of the ISO Co-Editors, Forte will give an overview of the entire ISO-SC27 Incident Response spectrum, along with insights on how to implement it within any size of organization. The presentation also will discuss the technology state of the art, including the role of machine learning, automation, and SOC management architectures.

RSA Conference 2016 Abu Dhabi will host a group of diverse cyber security experts and influential speakers from the GCC and aims to provide a platform to discuss the changing cybersecurity landscape in the region and develop sound practices for mitigating both current threats and ones expected to emerge in the future. The conference will also aim to showcase the significant progress made in the government’s vision of promoting regional cybersecurity initiatives.

About DFLabs
DFLabs is a recognized global leader in cyber incident response automation and orchestration. The company is led by a management team recognized for its experience in and contributions to the information security field including co-edited many industry standards such as ISO 27043 and ISO 30121. IncMan – Cyber Incidents Under Control – is the flagship product, adopted by Fortune 500 and Global 2000 organizations worldwide. DFLabs has operations in North America, Europe, Middle East, and Asia with US headquarters in Boston, MA and World headquarters in Milano, Italy. For more information visit: http://www.dflabs.com or connect with us on Twitter @DFLabs.

###

Media contacts:
Leslie Kesselring, Kesselring Communications
503-358-1012
[email protected]

DFLabs Presents on “Standardizing Data Breach Response” at Data Privacy Asia 2016

DFLabs previews new cyber incident response playbook for Asian regulatory environment

Boston – November 7, 2016DFLabs, the global leader in cyber incident response automation and orchestration, announced today its Vice President of Engineering, Andrea Fumagalli, will present on “Standardizing Data Breach Response: State of the Art” at Data Privacy Asia 2016, to be held November 9-11 in Singapore at the One Farrer Hotel & Spa. DFLabs will also preview a new playbook dedicated to breach notification, response and compliance activities specific to the Asian regulatory environment.

One of the largest data sets on the market, the IncMan RP playbook is a unique new module of the company’s cyber incident response automation and orchestration platform, IncMan. The playbook is based on U.S. and EU regulations and industry standards and gives customers immediate access to a large number of pre-built incident and data breach response actions to follow. Providing the most playbooks available today to handle the entire breach response process – from technical to operational and legal – it is divided into state/federal, industry sector and type of incident/breach segments and works with both human and machine based processes.

“Active data breach and privacy regulations are making incident response platforms mandatory and our commercial and government customers in Singapore and Asia are working very hard to establish the right framework for cyber incident and breach response. As the first mover in fast growing categories of Security Operations, Analytics and Reporting (SOAR) and Security Incident Response Platforms (SIRP), we are happy and proud to participate in this important event, educate on global standards and best practices, and serve customers with our unique new playbooks,” said Dario Forte, Founder and CEO of DFLabs.

In his Data Privacy Asia 2016 session on Wednesday, November 9th from 4:00pm- 4:30pm, Fumagalli will cover the recent progress made by ISO (International Organization for Standardization) in the field of Incident and Data Breach Response. In the past 36 months 5 standards have been published, with the purpose of providing practitioners and evaluator a series of tools – based upon consensus – able to support Cyber Security Operations and Breach Response. As one of the most recognized experts in ISO standards, he will give an overview on the entire spectrum, along with some insights on how to implement them within any size of organization, including an overview of the available technologies to automate and orchestrate incident management and response.

“These developments further our vision of Supervised Active Intelligence® to combine automation, orchestration, and response in one powerful platform, giving cyber operations and incident response teams the ability to react faster globally while maintaining the critical element of human control,” added Forte.

About DFLabs
DFLabs is a recognized global leader in cyber incident response automation and orchestration. The company is led by a management team recognized for its experience in and contributions to the information security field including co-edited many industry standards such as ISO 27043 and ISO 30121. IncMan – Cyber Incidents Under Control – is the flagship product, adopted by Fortune 500 and Global 2000 organizations worldwide. DFLabs has operations in Europe, North America, Middle East, and Asia with US headquarters in Boston, MA and World headquarters in Milano, Italy. For more information visit: DFLabs or connect with us on Twitter @DFLabs.

Media contacts:
Leslie Kesselring, Kesselring Communications
503-358-1012
[email protected]

DFLabs Announces Availability of New Incident and Breach Response Playbook Set, Based on U.S. and EU Regulations

The new playbook set, called IncMan RP, is one of the largest data sets on the market, granting companies of any size the opportunity to get cyber incidents quickly under control.

Milan, Italy; Boston, MA (PRWEB) June 21, 2016

DFLabs, the leader in incident response automation and orchestration technology, has announced the availability of a new playbook set called “IncMan RP,” based on U.S. and EU regulations and industry standards. With this new set, customers will have immediate access to a large number of pre-built incident and data breach response actions to follow. The playbook is divided into state/federal, industry sector and type of incident/breach segments and works with both human and machine based processes.

The new IncMan playbook set contains automated and semi-automated workflows and procedures for responding to security incidents and privacy breaches. Also included are associated flow charts which show the movement of activities.

Breach data items and related actions in the playbook set are compliant with U.S. state and territory breach notice laws, as well as HITECH/HIPAA Act breach notice requirements. Updates are provided over time via DFLabs annual subscription, in compliance with any other breach notice laws or regulations that are created. The same steps are followed in regards to EU GDPR breach requirements, with updates being applied over time regarding any additional breach notice laws or regulations that are created in EU countries.

“This is the first playbook set in the market with such a large data set and flexibility, and it is able to be used in both large and mid-size corporations, directly or via MSSP,” said Dario Forte, founder and CEO of DFLabs. “With DFLabs’ IncMan, the security operations and incident response team will be able to automate both human and machine actions and have cyber incidents quickly under control.”

According to the Ponemon Institute, although the average cost of mitigating a breach is up 29% since 2013 (at about $4 million per incident), there was good news in that companies that have incident response plans and teams in place saw an average savings of $400,000 over companies that did not. Furthermore, the active data breach and privacy regulations in the U.S and E.U. are making incident response platforms mandatory. DFLabs’ IncMan is the leading platform for incident response automation and orchestration, and can help enterprises prepare, respond and be compliant.

For more information about the report, please go to: http://www.infosecurity-magazine.com/news/data-breach-costs-soaring/)

The release of this innovative software package comes during a very important time for the company, which recently announced its initial round of funding from Evolution Equity Partners, along with the acquisition of new corporate customers in the United States, EMEA and APAC.

About DFLabs
DFLabs – Cyber Incidents Under Control – is a recognized global leader in automated incident and breach response and orchestration. The company is led by a management team recognized for its experience in and contributions to the information security field including the co-editing of many industry standards such as ISO 27043 and ISO 30121. Its flagship product, IncMan, has been adopted by Fortune 500 and Global 2000 organizations worldwide. DFLabs has operations in Europe, North America and EMEA. For more information, visit http://dflabs.com/ or connect with us on Twitter @DFLabs.