News and Events

SOCAutomation News

SOCAutomation featured in Gartner 2020 SOAR Market Guide March 4, 2021 Posted in: SOCAutomation News

SOCAutomation‘s HyperAutomation SaaS technology is featured in this year’s Gartner’s 2020 Market Guide!.

Our HyperAutomation SaaS Orchestration signals a quantum leap forward for ensuring deep security for your business. Check out Gartner’s 2020 SOAR Market Guide for more details.

The Answer To Today’s Risks May 18, 2016 Posted in: SOCAutomation News

The IT Insider talked to cyber-security specialists Honeycomb Technologies about how businesses can arm themselves against modern day threats – maintaining control through automated and orchestrated security tasks.
Today’s biggest security challenge
In today’s digital world in which the sophistication and frequency of cyber attacks is hitting the headlines on an almost daily basis, security teams are being inundated with information from Security Information and Event Management systems (SIEMs), firewalls, scanners and a whole host of other security solutions – each with their own form of alerts and reporting. Whilst this information is undoubtedly valuable, the volume of data that needs to be searched through is increasingly problematic for security teams that have limited resources available to deal with each incident. The increasing number of point security tools also means that there’s often a lack of integration with the organisation’s existing infrastructure, resources and processes – exacerbating the problem even further.

Speed is of the essence
According to a recent report by the SANS™ Institute, today’s cyber criminals have learned to be patient rather than taking the traditional ‘hit and run’ approach – harvesting more data and having a significant security and financial impact. Because of this, organisations need to detect and respond to incidents as quickly, efficiently and accurately as possible to minimise the data loss, impact on customers and subsequent regulatory penalties. Of the 507 respondents to the SANS 2015 Incident Response Survey:

  • 36% spend an average of 24 hours or less to remediate an incident
  • 51% take more than 2 days to remediate
  • 66% cited a skills shortage as an impediment to effective incident response (IR)
  • 45% cited a lack of visibility into events across a variety of systems and domains
  • 37% are unable to distinguish malicious event from non-events

Overall, the results revealed an increasingly complex response landscape and the need for automation of processes and services to provide visibility across systems and best practices for remediation.
Clarity is key
To deal effectively with the constant flow of incidents and alerts, security teams need a new way to orchestrate incident response and management across their organisation. The first stage is to clearly define what constitutes an incident and then clearly communicate the process for handling it throughout the company and if necessary, across third party organisations. The next step is to automate the orchestration of security tasks to accelerate and improve the decision-making process.
Integration is essential
By integrating incident management and incident response systems – bringing all the disparate tools into one platform – the whole security process can be streamlined, creating cohesion throughout the organisation. However, it’s essential to ensure that you invest in an open, industry-standard platform that will integrate seamlessly with both existing and future investments.
SOCAutomation is an IT Security automation and orchestration platform that transforms incident response. This platform-agnostic solution integrates all existing and future security products, bringing them into one security fabric. SOCAutomation combats the growing complexities of information security alongside the sophistication of cyber criminals, streamlining security processes and enhancing capabilities.
Automation and orchestration technologies should now be an integral part of any organisation’s security strategy. These technologies address the increasing skills gap and the rise in complexity of incidents – ensuring that a business understands which risks to focus their resources on.
Click here to find out more about best practices for securing, automating and orchestrating your organisations incident response strategy
Source – The IT Insider Security Blog

More News

CISO Challenges July 20, 2016 Posted in: Industry News

3 Part Series from TechTarget – ‘CISO Challenges’

1 – Identifying and Addressing Common Problems
The first part of this series discusses the modern-day issues surrounding cyber security and the threats posed on organisations. These cyber threats are giving CISOs (Chief Information Security Officers) an ever greater challenge, not only to keep up with the changing threat landscape, but also the best way to coordinate and prioritise incidents as and when they come in. This article also describes the struggle that some CISOs/C-level security personnel go through to try and bridge the gap between technology and the business.
2 – Addressing Cyber Security Blind Spots
The next part of this series examines the need for more advanced information security systems, tools and processes, in order to combat the modern challenges posed by cyber threats. The greater need for these innovative, proactive and state-of-art systems is a pressing situation for CISOs, underlining the changing nature of cyber security.
3 – Cyber Security Blind Spots: Mitigating Risk and Vulnerabilities
The last part of this series detailing ‘CISO Challenges’ explains the fact that risks and vulnerabilities are becoming more difficult than ever to first spot, and then address. The article then follows up by claiming that detection technologies are often very narrow in scope, further stressing the need for more advanced and innovative information security tools and processes.

Our Response

SOCAutomation brings all existing and future security products under one platform. This Security Fabric makes it easier for companies to spot, coordinate and respond to the incidents generated by the information security tools feeding into it. This all-encompassing solution aligns information security to the business, bridging the increasing gap between technology and the organisation, which is a growing enterprise issue.
SOCAutomation is a state-of-art solution which uses proactive methods and parallel intelligence systems to triage incidents/alerts generated by third-party security products. SOCAutomation then generates tailored best-practice Run-Books based on company processes, necessary stakeholders and type of incident. These highly-personalised Run-Books guides participants through the stages to remediation, allowing the organisation to return to a state of normalisation. The powers of automation and orchestration cancels out the time it takes to take in an alert and triage it manually through the organisation. This creates valuable time within an incident to concentrate on the remediation process. SOCAutomation truly streamlines incident response processes.

Context-Rich and Context-Aware Cyber Security July 18, 2016 Posted in: Industry News

With SOCAutomation, all existing information security products can be connected and integrated together into one Security Fabric. The power of automation and orchestration is used throughout the solution to triage incidents/alerts generated by third-party tools. The necessary intelligence will then be gathered and the required stakeholders found, all automatically. Following this, tailored Run-Books will be generated in line with the policies, procedures and requirements aligned to the organisation. These Run-Books detail the tasks needed to be completed within the incident-life and guides participants along the route to remediation. SOCAutomation altogether improves the effectiveness and efficiency of incident response, enhancing the organisations’ information security capabilities.

What’s at Stake: Why Incident Response Matters July 15, 2016 Posted in: Industry News

With SOCAutomation, cyber incidents and alerts are coordinated and prioritised in line with the requirements of the organisation. This leads to streamlined, effective and efficient mitigation/remediation processes. This state-of-art solution takes in all generated incidents/alerts from the organisations’ existing, and future, information security stack. This give cyber security a high priority within the organisation, which is needed to combat the modern day cyber threat landscape.
This all-encompassing, extremely detailed and thorough incident response platform leaves no stone unturned. All aspects of the incident, and the procedures thereafter, are examined, in line with the processes of the organisation. Automation and orchestration is levered throughout SOCAutomation, empowering the SOC (Security Operations Centre) team to combat cyber threats, effectively securing the valuable assets and infrastructure of the organisation.

Cyber Security Study Reveals Lack of Boardroom Governance Across UK Industries April 6, 2016 Posted in: Industry News

SOCAutomation is a solution that enables an effective response to breaches and provides a prioritised and coordinated Incident Response plan. The SOCAutomation platform also provides confidence between IT teams and management due to the detailed and clear-cut security Run-Books and reports which underlines the tasks that individuals/teams are completing. This solution also reinforces confidence that the IT budget is being spent well and providing the company with heightened cyber security.

Combating the Cyber Security Job Crunch April 6, 2016 Posted in: Industry News

SOCAutomation answers the growing fears of cyber security. This solution brings all of the point security products together into one security fabric, automating many tasks that ultimately creates a more effective recovery response for SOC teams. Alongside this automation, SOCAutomation auto-maps out the incident to required stakeholders who need to respond to the threat, and orchestrates tasks needed to be completed by individuals/teams. This saves a huge amount of time within each separate incident, allowing more focus on the remediation process. SOCAutomation makes the most out of an organisations’ resources, truly streamlining the Incident Response process.

European Union GDPR Data Rules Prompt Cyber Security Review April 5, 2016 Posted in: Industry News

SOCAutomation meets the new EU regulations, and provides a scope of security to handle the modern day threat. The auto-orchestration Security Fabric provides this necessary innovation and shields organisations from any potential, increasingly detrimental breaches. This modern approach to Security interweaves all of the integrations into one Security Fabric, giving this ‘composite view’ that is required to successfully achieve remediation. SOCAutomation transforms Incident Response and provides the futuristic security processes that is needed to effectively shield business infrastructure and assets.

Cyber Security: Mapping The Unknowable Risk April 4, 2016 Posted in: Industry News

SOCAutomation provides a sufficient level of security to protect businesses against the imposing nature of cyber attackers. This automation and orchestration Security Fabric connects all of the relevant stakeholders into each specific Security Incident. SOCAutomation embeds itself deeply within the company, showing the tight integration levels that this platform is capable of. This comprehensive cyber security process / strategy empowers all necessary stakeholders with complete transparency within each incident. This gives everyone, from SOC teams to C-level management, the knowledge within an incident and this provides the basis for the road to remediation.

Cyber Threat: How To Respond…And When March 31, 2016 Posted in: Industry News

SOCAutomation works with all variations of cyber attacks (e.g. Phishing, DDoS, APT, Malware, etc.) and can also be utilised for non-cyber incidents too (e.g. door access, CCTV breach, etc.). This vast array of cyber variations shows that SOCAutomation provides all the information and context to achieve remediation from an Incident. This unique Incident Response platform auto-generates Security Run-Books within the incident. These Run-Books are totally customisable and business-specific, guiding the security personnel through the remediation process. This auto-orchestrated Incident Response platform provides a streamlined Security process that shields and protects company infrastructure and assets.

Government To Invest £1.9 Billion Into Cyber Security March 31, 2016 Posted in: Industry News

The innovation of SOCAutomation matches the increasing concern surrounding cyber security. Then intelligence of this Security Fabric cleverly takes in all of the data and context required to remediate from an Incident. Using parallel intelligence platforms, the interweaving Security Fabric blankets all of the point solutions into one mesh, allowing the alert to be understood and enhances the recovery process. SOCAutomation provides a sufficient level of security for the business through this automation and orchestration platform, filling the void left by the increasing skills gap of security personnel.

Cyber Security Budgets Not Rising in Line With Threats, Say Security Pros March 31, 2016 Posted in: Industry News

This articles shows that there needs to be a lot more proactive within the scope of cyber security. Investment levels need to rise to ensure sufficient protection from the growing threat landscape. SOCAutomation deals with and handles the increasing complexity of cyber threats, matching these said requirements in which businesses are not keeping up with. A rise in complexity of threats often results in a rise in required point solutions – SOCAutomation blankets all of these security products into one auto-orchestrated Security Fabric, underlining the level of protection added to business infrastructure and assets. The reporting and easy-to-understand Security Run-Book capabilities of SOCAutomation also provide C-level management with significant information surrounding a specific alert or the teams Incident Response process as a whole. This means that management can see that the investment is crucial to protect against the modern day threat.