Demisto, an innovator in Security Automation and Orchestration technology, and Securonix, the market leader in big data security and behavior analytics, today announced an integration partnership. Together, the two companies enable security operations center (SOC) analysts to dramatically improve their mean time to detect (MTTD) and mean time to response (MTTR), and more efficiently respond to cyber threats.
Security teams struggle with overwhelming numbers of alerts that need to be triaged, analyzed and remediated manually. To alleviate “alert fatigue” issues, security solutions need to improve detection rates, reduce false positives, and automate the response actions, while enhancing and retaining the appropriate context of the alert.
This bi-directional product integration solves these challenges and more. Demisto’s Security Operations Platform paired with Securonix’s SIEM and threat detection solution enriches investigation data with rich user context, activity timelines and violations. The combined solution enables security analysts and SOC managers to shorten the decision-making process by automating key tasks with included analyst reviews.
“Demisto integrates with Securonix to ingest high severity alerts and trigger automatic playbooks and workflows across different security products,” said Rishi Bhargava, co-founder of Demisto. “Such integration reduces the time between detection and response. Together, Demisto and Securonix enable SOC teams to improve all aspects of their security management chain – including improving detection and prioritization by adding relevant context and speedy response orchestration.”
Securonix’s SNYPR next-generation SIEM platform leverages a Hadoop big data infrastructure stack coupled with data science to detect and prioritize advanced cyber-attacks in real time. SOC teams are alerted to a highly accurate and manageable number of critical threats using supervised and unsupervised machine learning algorithms.
“Finding the critical cyber-attacks against your organization is only the first step,” said Nitin Agale, SVP of Product at Securonix. “Quickly taking the necessary data-gathering and threat-mitigation steps is equally important to prevent massive data breaches. By automating the routine security response actions, security teams can shrink the incident response times, and address a much larger number of threats, thereby reducing overall risk.”
Demisto Enterprise integrates with more than 140 security products and enables customers to build playbooks for different security operations. These playbooks can include automation tasks or best practice steps to be followed in case of a security incident.
Demisto’s playbooks help reduce MTTR (Mean Time to Response) for security incidents. In addition, the case management and machine learning capabilities help security teams save resources and time while enforcing rigor and process in incident response.