Ignition Technology announced a partnership with Siemplify as its exclusive distributor to bring the leading independent provider of security orchestration, automation and response (SOAR) technology to a growing MSSP community across the UK.
Siemplify is redefining security operations for MSSPs worldwide through its innovative platform that helps security teams manage their operations and respond to cyber threats with speed and precision. The Siemplify SOAR platform combines security orchestration, automation, and response with end-to-end security operations management to make analysts and security engineers more productive.
“As the MSSP market matures, customers are increasingly expecting more than just the delivery of alerts – ultimately, they want their MSSP to chase down these alerts and, if needed, carry out the remediation work to both stop the attack and fix the underlying issue,” says Sean Remnant, CSO for Ignition Technology.
“The issue is that resolving every phishing email or suspicious login is time consuming – and in many cases, requires significant human intervention from a skilled security analyst. This process is difficult to scale while remaining cost efficient so what happens is that some MSSPs may end up cutting corners due to the sheer workload.”
“Instead, platforms such as Siemplify do more than just sort the wheat from the chaff but also carry out certain remediation steps in an automated way that can dramatically reduce a security analysts’ workload – and ultimately – better serve the end customer,” says Remnant.
Siemplify uses patented technology to continuously analyse alerts from all sources, identifying common entities indicative of a coordinated attack. This allows MSSPs to focus on threats rather than alerts.
When real threats are detected, Siemplify automatically combines contextually related alerts into a single case. This typically reduces the caseload of a security analyst by up to 80%, where analysts work only threat-based investigations, speeding time to resolution and driving more productivity.
“Technically speaking, Siemplify is one of the most advanced products of its type in the market, but potentially as important is that following a round of consolidation in the related SIEM market over the last two years – Siemplify has remained independent and uses open API’s to allow an MSSP to tailor it to their own environment, and the wide array of cyber security products they and their respective clients may have in use,” says Remnant. “Whether that’s Palo Alto, Checkpoint, Fortinet or whatever – Siemplify is agnostic and wants to engage with the widest possible security vendor ecosystem which is great for partner choice.”
The solution is fully multi-tenanted and supports integration with third-party ticketing and helpdesk systems including ServiceNow, BMC and Jira. Ignition will work closely with Siemplify to both grow and enable the fledgling UK channel including pre, and post-sale support, integration best practice and advanced training.
“Ignition is a perfect partner for our continued growth within the UK MSSP community as we share many of the same values around helping partners use automation to overcome the challenges we all face with recruiting and retaining skilled staff,” says Wayne Geockeritz, VP Global Channel Sales for Siemplify.
“As more organisations turn to MSSPs to deliver a broader range of cyber security services, security orchestration, automation and response is becoming vital in helping providers to focus on the critical events and better utilise their expertise. But on a very human level, security analysts already have a difficult job and if an MSSP hopes to get the best out of these skilled practitioners, it is vital that they give them the right tools to get the job done!”
from Help Net Security https://ift.tt/2R2lAZc
0 comments:
Post a Comment