Security Orchestration Automation and Remediation (SOAR) Integration
The Respond Analyst enables organizations to unlock the true automation capabilities of their SOAR deployments by managing the up-front analysis of events before they are passed to the SOAR system. The Respond Analyst is scalable to handle millions of events, only escalating real incidents into SOAR for remediation.
Inferred Context in Security Analysis
Can the Respond Analyst really mimic a security analyst’s judgement? What is Inferred Context in Security Analysis? The Respond Analyst improves security escalation decisions leveraging existing sensors along with context of local environments, such as Dynamic Host Configuration Protocol (DHCP) information and critical asset lists.
More data = Better Decisions
The Respond Analyst includes Integrated Reasoning, the capability to look at multiple data sources including Network Intrusion Detection Systems (NIDS), Endpoint Protection Platforms (EPP) and web filters to identify real, actionable malicious behavior in your environment. Identifying these threats faster means reduced detection and attacker dwell times, while eliminating the need to chase false positives.
Dynamic Scoping and Reprioritization
The Respond Analyst is constantly re-evaluating the probability and likelihood of a security threat as more information is collected by security sensors. Because the Respond Analyst uses Robotic Decision Automation (RDA), it can recall events that occurred in the past and correlate any new information that is collected to enrich incidents for escalation and remediation.