Automated and Orchestrated Security Incident Response – Introducing SOCAutomation

Posted: December 14, 2015

Author: Josh Walker

London – December 14th, 2015 – Honeycomb Technologies Limited, a provider of security orchestration and automation platforms, today announces the worldwide availability of SOCAutomation, a market-leading Incident Response security orchestration and automation platform. SOCAutomation provides a security fabric that automates the complexities of information security data and processes, based on the SANS Six Steps to Incident Response, transforming businesses’ security processes and capabilities.
 
Honeycomb Technologies have a pedigree in Security Information and Event Management (SIEM) and have evolved to focus on Cyber Incident Response. SOCAutomation enables organisations and Managed Security Service Providers (MSSPs) to overcome the numerous challenges faced in securing business infrastructure and assets. These challenges include: the increasing volume and sophistication of security attacks; a multitude of point security tools and technologies that do not interoperate; a lack of skilled security resources; an inherent lack of business context and business integration; and a lack of agility to adapt to new business initiatives – e.g. cloud driven services. The platform is highly scalable, handling huge event and incident volumes with full multi-tenancy capabilities for large organisations and MSSPs.
 
SOCAutomation transforms Incident Response by bringing cohesion and context to Security processes. It enables organisations to clearly see and handle Security Incidents, and clearly communicates the process throughout the relevant Security and Business IT teams, and, if necessary, across third parties and outsourcers. Automation is leveraged throughout the platform to map incoming Security data from any data source to their assets and stakeholders; automatically generate the relevant Incident Run-Book to orchestrate the security and infrastructure point solutions, track and audit the process, and automate remediation.
 
Cyber security is a complex problem and modern day security teams struggle to understand the myriad of new, existing and emerging patterns, be they attack vectors or the granular detail around Indicators of Compromise (IOCs). SOCAutomation enables these complex patterns to be orchestrated and partially or fully automated so that Security resolution can be delivered with minimal high-skilled security personnel intervention, allowing these valuable people to focus on making the business more secure.
 
SOCAutomation provides management with an instant status view as to the progress of a specific security incident, informing them of the impact on the company, what systems are affected, which stakeholders are involved and when and how it will be resolved. There is also the ability to run fire drills to test the organisation’s incident handling processes and timeliness.
 
The rising strain on security resources runs alongside the increasing skills gap of security personnel. SOCAutomation bridges the gap of these increasing issues by producing an automated-orchestration platform through an extensible library of auto-generated Security Run-Books. This enables SOC teams to efficiently handle the Security process, leading to the remediation of the incident.
 
 
 

ABOUT HONEYCOMB

 
Honeycomb Technologies, based in Oxfordshire, England with international offices in London, Chicago and Hyderabad, is a market-leading pioneer of Incident Response and the Security Fabric, a platform that interweaves and orchestrates security and infrastructure technologies. Honeycomb’s orchestration and automation platform SOCAutomation makes best use of a company’s existing Security investment, and shields security teams from time-consuming and laborious investigations into a multitude of point security and infrastructure solutions.
 
SOCAutomation enables companies to maximise the Return on Investment (ROI) of their security expenditure. Some of the key strategic relationships for SOCAutomation include: IBM QRadar, Splunk, Trend Micro, Cisco, Palo Alto Networks, Carbon Black, FireEye and McAfee. The solution is available as an on-premise or Software as a Service (SaaS) based offering.
