WitFoo announced the release of version 6.1.5 of its Precinct product. This latest version introduces various new capabilities and features.
High speed search
The 6.1.5 release adds advanced indexing and search algorithms that leverage the innovations from natural language processing (NLP) to find infrequent records in the data lake with efficiency improvements greater than 99 percent. “Needle in the haystack” queries that could take hours in earlier releases can now be resolved in seconds.
Intelligent object-oriented SOAR
Precinct 6.1.5 uses real-time object-oriented analysis that updates incident data as evidence is received, comprehended and contextualized. Intelligent, responsive playbooks that learn from user and data inputs automatically adapt to the circumstances of a specific investigation to deliver a comprehensive investigation while optimizing the use of human labor.
“Performing law enforcement quality investigations requires acumen, evidence, organization and proper tactics. It also requires imagination, flexibility and collaboration.
The dynamic playbooks in Precinct 6.1.5 help move SECOPS philosophies closer to those used by seasoned law enforcement agents,” remarked WitFoo law enforcement advisor, Detective Bill Ritch.
Resilient federated operation
Precinct 6.1.5 expands capabilities for managed security services providers (MSSPs), military units, cybersecurity insurers and distributed organizations in delivering federated security operations.
This latest version adds one-way transmission of incidents to support diode operation, moving data from security-isolated enclaves to centralized security operations centers for analysis.
“The federated data and operations sharing of Precinct 6.1.5 enables users even in disconnected, intermittent, and limited bandwidth (DIL) environments to share data and coordinate while operating in challenged environments.
“Furthermore, the ability of one-way transmission and offline capabilities enables security operations centers (SOCs) to leverage an isolated enclave approach to protecting security operations,” said Ardalyst CTO, Josh O’Sullivan.
Framework inventory
Through message comprehension, Precinct 6.1.5 detects coverage of security products and maps the coverage to compliance frameworks including PCI, NIST 800-53, CMMC and CIS Critical Security Controls.
“Mapping machine data to the CIS Critical Security Controls has already been of great help to us in assisting our mutual customers in driving toward sustainable SECOPS.
“The ability to toggle between multiple frameworks in version 6.1.5 of Precinct gives us the capability to have an objective, pragmatic discussion on building a roadmap that delivers standards-based compliance while also delivering meaningful protection that reduces security spend,” said CyberOpz CTO, Tom Rudolp.
from Help Net Security https://ift.tt/3m8OlhU