IncMan SOAR v4.7 – Taking Machine Learning and Availability to the Next Level


DFLabs is excited to announce the latest release of our IncMan SOAR – version 4.7, packed full of new features and enhanced capabilities.

Introducing IncMan SOAR v4.7

From clustering and high availability to new applications of machine learning and an expanded API, we’ve listened to our customers and delivered the kind of cutting-edge features they have come to expect from the leader in the Security Orchestration, Automation and Response (SOAR) market.

For many years, DFLabs has used machine learning to improve the efficiency of the security operations process through Automated Responder Knowledge (ARK). Historically, ARK has learned from the decisions users make during the response to a potential incident to recommend responses to future incidents. In our latest release, DFLabs has significantly expanded the capabilities of ARK to include automatic event correlation and deduplication, allowing your team to penetrate deeper into your alerts. ARK will continue to allow administrators granular control over the implementation and weighting of inputs while expanding its reach to the critical task of sorting through the plethora of alerts to find those which pose the greatest risk to the organization. This latest iteration of ARK was designed as a modular platform to integrate seamlessly with the existing Open Integration Framework (OIF). This modular approach allows DFLabs to immediately release new and extended machine learning functionality through the OIF, reducing the time to get these enhancements into our customers’ environments.

DFLabs’ IncMan SOAR is deployed in a wide variety of environments, from single-server installations to high availability environments with redundant servers across the globe. With most SOAR implementations it is left to the customer, or perhaps an integrator, to build a high availability solution around the SOAR, significantly increasing the cost and complexity of the deployment. DFLabs’ latest release of IncMan includes a number of built-in high availability and clustering capabilities, reducing the cost and complexity when reliability and uptime are critical concerns.

In addition to these enhancements, our latest release includes many other new features designed to enhance the user experience and increase the efficiency of your security operations team. A new API ‘superuser’ account has been added, along with many new API endpoints, to expand the functionality and use cases for the IncMan API. New capabilities have been added to the incoming events automation workflow, allowing greater flexibility in triaging and handling incoming events, as well as the ability to manage event automation directly via email. Finally, newly added bulk event and Triage options allow users to progress through the investigation process even faster than before.

Existing customers can download the latest version of IncMan SOAR via the Community Portal today. If you would like to see the latest features of IncMan SOAR and how DFLabs can help improve the efficiency and effectiveness of your security operations program, please request a demo.
