What Happens When You Combine SOAR with Existing Security Technologies

Security teams and Security Operations Centers across the industry face many similar challenges, some of which include increased workload, budget constraints, competition for skilled analysts and repeating manual processes.

Managed Security Service Providers (MSSPs) are facing many of these challenges, multiplied by the scale at which they operate.  Enterprises across the globe are increasingly turning to Security Orchestration, Automation and Response (SOAR) solutions to address these growing challenges.

It now seems clear that SOAR is not just a feature. It is actually becoming a critical component of an advanced security program.  Our existing manual processes simply do not scale to the level they must.

Enterprises cannot continue to respond to today’s growing security threats effectively without some level of automation and orchestration.  Gartner predicts that the adoption of SOAR solutions will increase enormously over the next several years.

Read the entire article here.

DFLabs Presents Updated Platform to Improve Security Incident Reporting

DFLabs, provider of Security Orchestration, Automation and Response (SOAR), has just introduced the latest version of the IncMan SOAR platform, which uses automated event triage to significantly lower the number of alert-generated security incidents.

START (Simple Triage And Rapid Treatment) Triage is used in production by a major European bank to eliminate manual first-line assessment of suspected fraudulent online transactions. IncMan SOAR reduces triage time by 90% for cyber fraud events generated by its mainframe and other external systems.

Usually a single security alert received by a SOAR platform generates an incident, which must be investigated. This process can lead to an overwhelming number of security incidents, sometimes created by false positive alerts, that have to be addressed by security operations center (SOC) staff.

The latest version of IncMan SOAR focuses on reducing the number of incidents created by false positives: it ingests alerts from any source via a new API and triages them to determine whether they should be converted to an incident or discarded. Michele Zambelli, CTO of DFLabs, says: “Not every alert deserves to become and be processed as a security incident, yet that is how SOAR products currently operate. The new release of IncMan SOAR is breaking this cycle. By applying our automation engine, enrichment and containment capabilities to events using a triage process, we can dramatically reduce the number that are turned into incidents, and placed into the queue for deeper assessment by IncMan and security analysts.”

Read the entire article here.

DFLabs’ Senior Product Manager John Moran on Security Weekly – The Security Podcast Network

Watch DFLabs’ Senior Product Manager, John Moran, in a live interview on Security Weekly – The Security Podcast Network for information security professionals by information security professionals, talking about what Security Orchestration, Automation and Response (SOAR) is and what problems it solves.

Watch the full live interview here.

John Moran, DFLabs – Enterprise Security Weekly #99 – 18th July 2018

DFLabs to Discuss How Orchestration Can Facilitate Knowledge Transfer and Improve Incident Response at SANS SOC Summit 2018

DFLabs’ Vice President of Professional Services, Mike Fowler, will present a session on improving incident response capabilities and how to overcome the shortage of skilled security operations staff at the SANS Security Operations Center Summit on Monday, July 30, 2018 at 12 PM noon CDT.

The shortage of skilled SOC personnel worldwide is only getting worse. With increasing workloads, inexperienced security analysts need to be brought up to speed quickly so they can contribute effectively to SOC operations. In this session, “Leveraging Orchestration to Facilitate Knowledge Transfer in Security Operations,” Mike Fowler will present a framework that combines traditional and new knowledge transfer techniques with the help of orchestration to enable under-resourced SOCs to achieve new levels of incident response efficiency and productivity.

This press release was originally published on Business Wire. Read the full press release here.

DFLabs IncMan Recognized by Ovum for Security Orchestration, Automation and Response (SOAR)

DFLabs’ IncMan SOAR platform has been featured in the new “On the Radar” Report by Ovum. IncMan was recognized for addressing the security orchestration, automation and response (SOAR) requirements of midsize to large organizations and MSSPs in highly regulated industries and businesses, enabling them to meet stringent existing and impending requirements including the EU’s GDPR.

This press release was originally published on Business Wire. Read the full press release here.

IncMan SOAR Platform Product Review by Cybersecurity Insiders

Cybersecurity Insiders, one of the world’s leading news sources for information security professionals, has published a review of DFLabs’ IncMan Security Orchestration, Automation and Response platform, highlighting its signature R3 Rapid Response Runbooks model as a distinguishing feature that sets it apart from its competitors.

Read more about the review here.