SecOps

siemplify

Feature Spotlight: Using the Siemplify Expression Builder

Part of the challenge security analysts face when completing investigations is ensuring they have all the data needed to make informed decisions. With so many security, IT, and productivity tools generating vast amounts of rich data, analysts need a scalable way to scour this data to find the proverbial needle in the haystack. The Siemplify Security Operations Platform provides exactly that functionality with the new playbook Expression Builder.

siemplify

SOC Automation 101: How to Use SOAR to Overcome Time-Consuming Tasks and Address Alerts (Video)

With the introduction this year of so-called “robot umpires” into professional baseball – as part of an experiment in the United States’ independent Atlantic League – jeering fans may be wondering whether their days of booing a missed call will soon be behind them.

siemplify

CrowdStrike & Siemplify: Integrating Endpoint Protection and SOAR

Recently, leading analyst firm Gartner released its annual Magic Quadrant (MQ) for Endpoint Protection Platforms (EPP). Decision-makers look to MQs to help guide their selection of vendors for new projects and to reassure management that deployed products are among the best available. This year CrowdStrike is part of the elite “Leaders” quadrant of the EPP MQ, an explicit acknowledgment that the products and services the company offers are delivering significant value to customers.

siemplify

Why Successful SOCs Detect Earlier and Respond Faster

Of all the security operations center efficacy metrics, arguably none is more indicative than mean time to detect (MTTD) and respond (MTTR). MTTD reflects the amount of time it takes your team to discover a potential security incident, while MTTR is the time it takes to control, remediate and/or eradicate a threat once it has been discovered.

siemplify

Connecting the SOC to IT with Digital Workflows via ServiceNow

A common challenge security operations centers face is completing remediation and recovery actions fast. If the analyst has the authority to personally take action, this isn’t usually a problem. However, in many organizations, analysts don’t have unfettered power to make changes across the organization. Instead, analysts commonly submit a change request to the IT department to fulfill.