Next Gen SIEM SOAR – Security Orchestration and Automated Response

Next Gen SIEM SOAR, automating incident response

Automating Incident Response 

When integrated with Huntsman Security’s Next Gen SIEM technology, the security orchestration and automated response capabilities of the Analyst Portal create Next Gen SIEM SOAR. The product delivers the complete range of security information management, real-time analysis, threat verification and incident workflow automation.

Next Gen SIEM SOAR product combines SIEM and automated incident response


 

What Next Gen SIEM SOAR delivers

Next Gen SIEM SOAR optimises the resources in your security operations:

  • Saves valuable time – reduces the risk window to seconds
  • Provides consistency through automation
  • Up to a 10-fold reduction in operating overhead, through automation of routine elements of diagnostic and resolution processes
  • Delivers precise security information to operations, management and audit stakeholders
  • Allows incident investigators to immediately answer key questions: ‘who, what, where, when and how’ around an alert
  • Focuses security teams on true indicators of compromise

 

How our Next Gen SIEM SOAR works

Next Gen SIEM SOAR collects and processes security data in real-time, using correlation rules and machine learning techniques to automatically validate threats. This automation can reduce the average time from threat detection to resolution (currently 69 days), slashing your organisation’s time at risk.

 

Threat detection to response, an illustration of how to reduce your time at risk with Next Gen SIEM SOAR

The product provides two automated and unique response capabilities:

  • Threat verification to dramatically reduce false positives
  • Delivery of a case file of all available and relevant information for threat resolution by (a) a senior analyst; or (b) machine-automated action


 

Next Gen SIEM SOAR features

Key capabilities of Next Gen SIEM SOAR:

  • Detection and analysis of, and response to, alerts and threats in real-time
  • Extensive data support with sensor/agent/agentless collection from syslog, event logs, file-based audit trails, XML, database query, and network flow data drawn from hundreds of sources.
  • Fully integrated incident and case file management, automated workflow and full evidential recording
  • Display of real-time actionable intelligence with visibility of compromised IT assets or information flows in the event of a breach
  • Integration with malware detection solutions such as FireEye, BlueCoat, Cisco and Checkpoint to identify, prove and resolve advanced persistent threats

 

Next Gen SIEM SOAR dashboard


 

Integrates with a variety of 3rd party solutions

 

CISCO

Next Gen SIEM SOAR (incorporating Analyst Portal) works with 3rd party enforcement tools such as Cisco ISE to automate security processes, enabling Rapid Threat Containment. You can also find information on Cisco Marketplace.

Huntsman Analyst Portal Automated Threat Containment and Cisco ISE

 

FireEye

Next Gen SIEM SOAR (previously called ‘Analyst Portal’) integrates with FireEye to resolve cyber attacks in seconds. See details on FireEye’s website.
