Security orchestration platform enables SOC teams to automatically match cases and analysts for more effective investigation and incident response
Siemplify, the leading innovator in security orchestration, automation and response (SOAR), today revealed new machine learning capabilities in its award-winning security operations platform. With this new version, security operations teams can expedite day-to-day workflow activities such as automatically assigning cases based on past analyst experience and identifying prior threats that can shed light on the best way to address new ones.
The Siemplify platform acts as a workbench for SOC teams by unifying security tools and processes across an organization’s entire environment. With this single pane of glass, security operations teams have a hub for managing technologies, investigating and triaging alerts, building and running consistent incident response playbooks and collaborating across the SOC.
Earlier this year, Cisco’s 2018 Annual Cybersecurity Report found that 34% of CISOs use machine learning to detect anomalies and notify their teams of potential vulnerabilities. With this enhanced detection capability comes the need for equivalent machine learning capabilities that help security operations teams keep pace and streamline daily security operations practices to most effectively address identified threats.
“Machine learning is often over-hyped, but our ability to apply this technology to analyze all previous analyst actions and their outcomes allows us to provide truly valuable, usable recommendations and insights to security operations teams,” said Amos Stern, co-founder and CEO, Siemplify. “Security teams can now improve their decision making and speed up the investigation and remediation of threats.”
Release features include:
- Machine learning for better threat investigation – Automatically assign cases to analysts based on previous case assignments and leverage prior threats to inform current investigations.
- Enhanced playbook editing features – Maximize playbook customization and editing capabilities within the platform’s drag-and-drop playbook builder.
- Additional entity types for threat mapping – Identify and investigate even more entities and relationships to build a full threat storyline, including credit cards, phone numbers, and threat actors.
- New dashboard widgets and drill-down functionality – Analysts and SOC managers can now get an even better view of SOC performance with additional SOC KPI widgets for enhanced visibility and continuous improvement.
Built by security operations experts, the Siemplify platform delivers a powerful automation and orchestration engine that is fully customizable for engineers and a simple, intuitive SOC workbench that analysts love. As a result, security operations teams using Siemplify are able to eliminate alert fatigue, triple analyst productivity and reduce mean time to respond by 70%.
Siemplify’s latest version is generally available for new and existing customers.
Siemplify provides a holistic security operations platform that empowers security analysts to work smarter and respond faster. Siemplify uniquely combines security orchestration and automation with patented contextual investigation and case management to deliver intuitive, consistent and measurable security operations processes. Leading enterprises and MSSPs leverage Siemplify as their SOC workbench, tripling analyst productivity by automating repetitive tasks and bringing together disparate security technologies. Founded by Israeli Defense Forces security operations experts, Siemplify is headquartered in New York with offices in Tel Aviv. www.siemplify.co