SOCAutomation in Collaboration with CyberKombat
Posted: February 15, 2016
Author: Josh Walker
London – February 15th, 2016 – Honeycomb Technologies Limited, a provider of security orchestration and automation platforms, today announces the alliance between SOCAutomation, the market-leading Incident Response and Security Fabric platform, and CyberKombat, an attack/defence experience designed to test and develop a SOC team’s response to an alert. This combination enables a hands-on experience between SOCAutomation and CyberKombat, hugely enhancing the capabilities of security teams.
With the modern-day cyber threat constantly changing, it is of utmost importance for security teams to be sufficiently prepared to defend against these evolving incidents. The rising frequency of cyber alerts, mirrored alongside the widening gap of skilled security personnel, creates a burdening sense of wilderness in the security sphere.
SOCAutomation transforms incident response by bringing cohesion and context to security processes. It enables organisations to clearly see and handle security incidents, and clearly communicates the process throughout the relevant security and business IT teams, and, if necessary, across third parties and outsourcers. Automation is leveraged throughout the platform to map incoming security data from any data source to their assets and stakeholders, automatically generate the relevant incident Run-Book to orchestrate the security and infrastructure point solutions, track and audit the process, and automate remediation.
CyberKombat is a brand new experience, created through a Satisnet/IBM collaboration, designed to replicate a serious cyber attack on an organisation, giving real-life SOC teams the opportunity to test their abilities and gain a wealth of new skills in the process.
The CyberKombat experience is delivered at Satisnet Innovation Centre in Luton, Bedfordshire, and comprises a full day of tutoring and hands-on experiences of dealing with cyber threats. Depending on numbers, the teams are divided into two: the Red Team and the Blue Team. If the teams are not large enough or if additional attacking or defence skills are required, Satisnet security personnel will bolster specific teams and provide technical assistance and advice. The Red Team is responsible for attacking and compromising a set of hosts, while the Blue Team is responsible for detecting the attacks and, in a limited form, protecting the hosts.
In parallel to the Red/Blue team, C-level management participate by utilising table-top exercises and interaction with the Blue team to analyse potential emergency incidents and to examine existing operational plans and determine where they can make improvements. These exercises provide a forum for planning, preparation and coordination of resources during any kind of attack.
SOCAutomation and CyberKombat Collaboration
Introducing SOCAutomation in collaboration with CyberKombat. The two combined will better prepare security teams for potential cyber breaches, and will provide necessary training to align with these increased risks. The SOCAutomation-CyberKombat experience will familiarise security personnel with the day-to-day point solutions that will be used, as well as showing how these integrations work in tandem through SOCAutomation’s unique Security Fabric. This will show how automation and orchestration are utilised throughout a coordinated and prioritised incident response platform, formulating the perfect base for a security team to protect business infrastructure and assets.
ABOUT HONEYCOMB
Honeycomb Technologies, based in Oxfordshire, England with international offices in London, Chicago and Hyderabad, is a market-leading pioneer of Incident Response and the Security Fabric, a platform that interweaves and orchestrates security and infrastructure technologies. Honeycomb’s orchestration and automation platform SOCAutomation makes best use of a company’s existing security investment, and shields security teams from time-consuming and laborious investigations into a multitude of point security and infrastructure solutions.
SOCAutomation enables companies to maximise the Return on Investment (ROI) of their security expenditure. Some of the key strategic relationships for SOCAutomation include IBM QRadar, Splunk, Trend Micro, Cisco, Palo Alto Networks, Carbon Black, FireEye and McAfee. The solution is available as an on-premise or Software as a Service (SaaS) based offering.