
3 Steps to Security Operations Automation

by Dan Lamorena
category Security Operations

Automation is one of the critical investment areas for IT organizations in nearly all facets of the business. One area where it is crucial is security operations. The gap between the number of security alerts flooding into SOCs and the people who can review and address them is getting larger and larger. Most of those alerts are false positives. Many organizations are looking at Security Orchestration, Automation, and Response (SOAR) software to help with incident scoping and upstream investigations.

However, SOAR platforms require a lot of care and feeding to get up and running and take a lot of effort to maintain.  Replacing cheaper monitoring resources with more expensive security engineering resources (to code, write playbooks, etc.) doesn’t make a lot of sense.

There is a better way. If you want to see which automation projects to prioritize and how you can reduce total cost of ownership for your SOC investment, check out this paper: 3 Steps to Automating Security Operations. As Eric Adams, CISO of Kyriba says, “automation is key for scalability across platforms and geographies.” Automation provided through Respond Software has allowed Kyriba to free up people resources for other projects while improving the job satisfaction of their security analyst team.

To learn more, download 3 Steps to Automating Security Operations.