John Moran @DarkReading: The Role of KPIs in Incident Response

John Moran, DFLabs’ Senior Product Manager writes about how important is the use of  KPIs in Incident Response. Using KPIs in a security operations program can have a positive impact not only on a strategic level but on the tactical level as well.

Read the full article on Dark Reading’s website here.

Oliver Rochford @ITSPmagazine: The Truth Is That Threat Hunting Is More Art Than Science

DFLabs’ Vice President of Security Evangelism, Oliver Rochford, with a new article for the Experts Corner by ITSPmagazine titled: “The Truth Is That Threat Hunting Is More Art Than Science”, where he goes into more detail on the threat hunting reality today. Even though organizations now have much better threat hunting technologies and tools than ever, still cyber investigations require human analysis in order to be effective.

Read the full article here.

DFLabs CEO and Founder, Dario Forte to Take Part in the Panel “Building and Achieving a World Class Incident Response Capability” at SINET Showcase

DFLabs Founder and CEO, Dario Forte will be attending the SINET Showcase Conference where he will take part in the panel titled “Building and Achieving a World Class Incident Response Capability” in Washington DC on November 8th, 2017.

Sharing the stage along with Devon Bryan, Executive VP & CISO, The Federal Reserve System; Mary N. Chaney, VP, Int’l Consortium of Minority Cybersecurity Professionals and, Matt Olsen, Co-Founder, IronNet Cybersecurity, he will be explaining the importance of establishing situational awareness of threats for Enterprises and Government Agencies and implementing repeatable, automated workflows to accelerate preliminary incident response steps before security analysts are needed to execute late-stage investigations and implement remediations.

For more detailed information about the event please visit the SINET Showcase official website.

This press release was originally published by BusinessWire. Read the full press release here.

If you wish to get in touch with Dario Forte, contact Marc Gendron at [email protected] or +1 781.237.0341.

DFLabs’ VP of Security Evangelism, Oliver Rochford to Present a Session at the European Cyber Threat Summit 2017

Oliver Rochford, DFLabs’ VP of Security Evangelism and, former Gartner analyst, will be presenting at the European Cyber Threat Summit 2017 on October 24th, 2017 in Dublin, Ireland.

In his presentation, Mr. Rochford will be talking about the actual and perceived impediments to automated security incident response, addressing the top three concerns to unattended Incident Response and how to overcome them in a safe manner.

To get in touch with Oliver Rochford, please contact Marc Gendron at [email protected] or +1 781.237.0341.

This press release was originally published by Business Wire. Read the full article here.

DFLabs Unveils Machine Learning Powered First Responder Automation for Security Operations

DFLabs IncMan orchestrates the intelligence-driven SOC and CSIRT

BOSTON – ( BusinessWire  ) – DFLabs, the leader in Security Automation and Orchestration Technology, announced today the release of its new Playbook Recommendation and Intelligent Selection Mechanism (DF-PRISM), enhancing DFLabs security automation and orchestration with incorporated proprietary machine learning. The system uses patent-pending advanced methods and algorithms to detect operational intelligence such as security incident and resolution data to recommend playbooks and actions based on historical incident response activities. This approach minimizes the resources and time required to successfully analyze and respond to ongoing incidents while maximizing the effectiveness and efficiency of security teams.

At its core, DFLabs SAO enables security organizations to take a gradual “crawl, walk, run” path to developing effective processes for successfully responding to and managing threats as well as hardening security controls. Beginning with “Human Guided Learning” and evolving into “Human Supervised Learning”, users can create and apply simple, linear or conditional playbooks that combine manual, semi-automated and automated actions. Decision-making and conditional responses can be made manually by humans, automatically by machine, or a hybrid of the two – depending on the needs, requirements, and maturity of the organization.

Mature organizations can leverage the advanced Runbooks of DF-PRISM that support complex and stateful logical decision-making to enable an advanced and adaptive threat management program. Conditional responses that allow users to pursue a variety of alternative responses.

“In developing DF-PRISM, we have built a technology that enables users and the system to learn together and lets people determine their level of involvement in responding to and managing threats,” said Dario Forte, chief executive officer, and founder DFLabs. “Users get immediate value by tracking and responding to threats, then over time the system builds a knowledge base of responses that can be relied on to automatically manage the entire incident response process.”

According to recent research from Enterprise Strategy Group (ESG) entitled “Next Generation Cybersecurity Analytics and Operations Survey,” commissioned by DFLabs and other technology vendors, 92% of respondents have deployed, plan to deploy or are interested in deploying machine learning technology to support Automation and orchestration. The top drivers are accelerating incident detection (29%) and accelerating incident response (27%).

The research also found that 21% of respondents will deploy machine learning because they hope the technology can help maximize the productivity of their existing staff to compensate for their inability to hire enough new security operations personnel.

“Enterprises are finding it challenging to quickly respond to security incidents across a constantly growing attack surface and with limited resources, resulting in a large window of opportunity for attackers to execute the full kill chain and the potential for minor incidents to evolve into full-blown breaches , “Said Oliver Rochford, vice president of Product Marketing, DFLabs. “Augmenting analysts” smart eyeballs with machine learning will help organizations to reduce the time from breach discovery to containment, while also assisting in building, retaining and transferring institutional knowledge about past incidents and threats. ”

Innovative Threatscape Modeling

Leveraging machine learning, DF-PRISM constructs a model of the threatscape based on known and historical incidents, scoring and evaluating any incident based on unique and shared indicators and attributes and their relevance. The algorithms use this model to propose playbooks for similar or related threats. Threats known to the model are considered to have greater relevance, are scored more reliably, and are assigned a higher urgency and higher prioritization.

Key benefits include:

• Intelligence-guided false positive reduction
• Improves response time by up to 80%
• Automatically correlates and re-applies playbooks across Tenants in multi-user and MSSP environments

DF-PRISM is available immediately with version 4.2 of IncMan, which also includes:

• New Dual-Mode Playbook engines
• An advanced correlation engine
• An observable investigation view
• A unique set of features based on machine learning (ML) and supervised active intelligence to guide first responders
The current integration library is composed of over 100 different playbooks and connectors Can be customized by and shared between users without requiring scripting or coding.

About DFLabs

DFLabs – Cyber Incidents Under Control – is a recognized global leader in security automation and orchestration technology. The company is led by a management team recognized for its experience in and contributing to the information security field including the co-editing of many industry standards such as ISO 27043 and ISO 30121. Its flagship product, IncMan, has been adopted by Fortune 500 and Global 2000 organizations worldwide. DFLabs has operations in Europe, North America, and EMEA. For more information, visit  or connect with us on Twitter @DFLabs.

This Press Release was originally published on  BusinessWire

Dflabs Featured as a Prominent Vendor in the Cyber Security Industry

DFLabs IncMan is proud to be featured as a prominent vendor in the cyber security industry in 2 research reports listing key market players in the global incident response system market.

A recent report, titled “Global Incident Response System Market 2016-2020”, features key players in the incident response system market, notes their main challenges, and the market growth potential. This research report, created by Technavio, has been prepared based on an in-depth market analysis with inputs from industry experts and leaders. The report covers the present scenario and the growth prospects of the global incident response system market for 2016-2020, including a list of the key vendors operating in this market and DFLabs IncMan is featured as a Prominent Vendor In The Cyber Security Industry. Request sample copy of this report here

Read the full article here

In the Global Law Enforcement Software Market 2017-2021 report, featured in the “Surging Demand for Effective Communication in Law Enforcement”article, analysts forecast the Global Law Enforcement Software Market to grow at a CAGR of 5.12% during the period 2017-2021. The report covers the present scenario and the growth prospects of the global law enforcement software market for 2017-2021. The report features the market landscape and its growth prospects over the coming years and names DFLabs IncMan in their list of key vendors operating in this market. Request sample copy of this report here

Read the full article here