Huntsman Security’s SIEM provides extensive automated response script and command execution capabilities (Guardian Response). Additionally, we provide the option to include our integrated Security Orchestration, Automation and Response (SOAR) technology.

Guardian scripts can automatically initiate complex automated responses, including:

  • Asynchronously seek data to enrich the investigation process, thereby reducing operator workload and limiting the time between detection and response
  • Verify security alerts in seconds, automatically seeking supportive contextual data to distinguish between real threats and false positives
  • Support the threat response process of security analysts through the delivery of a case file of all available and relevant threat information, or launch specific machine-automated actions in response to trigger events

Once an alert has been legitimised as both serious and genuine, the system can be configured to take actions to mitigate risks, such as (i) containing the threat at a network level; (ii) terminating perimeter/Wi-Fi connections; (iii) isolating or suspending a user account based on malicious user activity.

Built-in high speed detection capabilities, matched to the MITRE ATT&CK® framework

Any data set within the system can be easily translated into a report and automatically published to a relevant stakeholder

Real-time machine learning capabilities to detect unknown threats

Complete support for the alert triage, investigation and response lifecycle
