The companies have integrated their LogPoint SIEM and IncMan SOAR products for interoperability in any customer environment.
Gartner coined the term SOAR to describe an approach to security operations and incident response that aims to improve security operations’ efficiency, efficacy and consistency.
SOAR allows organizations to collect security data and alerts from different sources, including a SIEM, and perform incident analysis and triage using a combination of human and machine power.
This helps to define, prioritize and drive incident response activities to a standard workflow.
“The deep integration of the LogPoint SIEM with DFLabs IncMan combines the power of each solution to create a more robust, efficient and responsive security program,” said Dario Forte, CEO and Founder of DFLabs.
“Together IncMan and LogPoint enable organizations to automate most of the work performed by security analysts, and accelerate incident detection and response actions from hours to seconds.”
Taking advantage of LogPoint’s ability to ingest volumes of data, provide real-time cybersecurity analytics and generate alerts, DFLabs IncMan manages the incident response process for each SIEM alert.
IncMan automates and orchestrates the manual and repetitive tasks that would take analysts hours to complete to ensure all alerts are assessed and flagged for further investigation if necessary.
“With accelerated detection and response and the added benefit of utilizing playbooks and runbooks to formalize the response handling procedure, we will provide true operational value to our customers,” said Jesper Zerlang, CEO of LogPoint.
“From a business value perspective, LogPoint and DFLabs are individually delivering the best feature to price ratio in the market, but even more so as a joint solution.”
Both DFLabs and LogPoint incorporate machine learning into their solutions to reduce false positives.
In addition, DFLabs uses machine learning to automatically reapply previously successful actions and playbooks, facilitating knowledge sharing capabilities.
from Help Net Security https://ift.tt/2tKYarK
0 comments:
Post a Comment