Security Orchestration Automation and Remediation (SOAR) Integration

The Respond Analyst enables organizations to unlock the true automation capabilities of their SOAR deployments by managing the up-front analysis of events before they are passed to the SOAR system. The Respond Analyst scales to handle millions of events, escalating only real incidents into SOAR for remediation.

Inferred Context in Security Analysis

Can the Respond Analyst really mimic a security analyst’s judgement? What is Inferred Context in Security Analysis? The Respond Analyst improves security escalation decisions by leveraging existing sensors along with the context of local environments, such as Dynamic Host Configuration Protocol (DHCP) information and critical asset lists.

Integrated Reasoning

More data = Better Decisions

The Respond Analyst includes Integrated Reasoning, the capability to look at multiple data sources including Network Intrusion Detection Systems (NIDS), Endpoint Protection Platforms (EPP) and web filters to identify real, actionable malicious behavior in your environment. Identifying these threats faster means reduced detection and attacker dwell times, while eliminating the need to chase false positives.

Dynamic Scoping and Reprioritization

The Respond Analyst constantly re-evaluates the probability of a security threat as more information is collected by security sensors. Because the Respond Analyst uses Robotic Decision Automation (RDA), it can recall events that occurred in the past and correlate them with any new information that is collected to enrich incidents for escalation and remediation.
