Why Enterprises Should Consider NOC/SOC Integration

Meny Har November 21, 2018

Enterprises Can Gain Significant Efficiencies and Increased Effectiveness through NOC/SOC Integration

NOC SOC Integration

Approximately 80% of organizations with a security operations center (SOC) also have a network operations center (NOC). While these two groups ultimately serve different functions for an enterprise, significant overlaps do exist and SOCs and NOCs will typically need to collaborate in the event of an incident or emergency. Yet, despite the somewhat symbiotic relationship that exists between the NOC and SOC only a small percentage of enterprises truly integrate these functions.

Most Used Playbooks of 2018 - Incident response, Alerts, Automation

Siemplify November 16, 2018

The Most Used Playbook Of 2018 series brings you the production playbooks noted by our professional services team as being most utilized and favored by customer SOCs. These playbooks implement best practice workflows for alert handling, alerts investigation, incident response and automation plans.

Get The Full Series

What Machine Learning Means for Security Operations

Matthew Pascucci October 4, 2018

Machine learning holds great promise for security operations

Over the past two years machine learning has found its place firmly in the cybersecurity industry and its benefits are indisputable. Through machine learning, we’ve seen great improvements implemented into technology that can make tangible improvements to our cybersecurity posture. 

Building a Holistic Cybersecurity Metrics Program

Matthew Pascucci September 27, 2018

Establishing organizational and security operations metrics improves management and reduces company risk

An organization's ability to discover and reduce risk in a more preventative manner rests heavily on having clear cybersecurity and security operations metrics. 

security operations metrics

Understanding the overall security posture of your enterprise is determined by creating a baseline of select organizational and security operations metrics. With baseline numbers established, you can then begin to increase visibility, education and improvement to both technology and processes within your program. Metrics should be garnered from critical assets with risks and improvements presented to key stakeholders within the organization. These metrics help determine where particular areas of a program are running smoothly and where additional insight should be applied.

Defining the cybersecurity metrics that matter to your organization

Start by understanding your organization's critical assets. This could include everything from sensitive customer data and company IP to users and devices. I almost always suggest starting with anything compliance-related or having to do with public assets. These are the areas where you should be building metrics first. Ultimately, you're looking to measure your ability to effectively and proactively secure your company's most valuable assets. Ensuring visibility into these areas first is vital to identifying lapses in performance that could compromise security and triggering response to get processes back on track.

After you've identified what needs to be monitored,  you need to start collecting information and determining what data points are available. The process for collecting metrics is an important discussion item, since we want to limit as much manual effort as possible. Determining what information to collect and how you'll gather and analyze this data is a crucial step in your metrics journey. You'll also want to gut-check your identified metrics with a risk-based team, if available, to determine prioritization of the remediation efforts when those needs arise.

Baselines set the stage for goal-setting and measuring progress

Creating baselines is what you’ll use to determine the current cybersecurity maturity of your organization overall as well as your SOC. Baselines also help you identify any outliers or blatant concerns which require urgent attention. By creating this foundation and setting standards reflecting what’s normal within your organization, you create a basis for setting goals and milestones. Included in your baselines should also be an understanding of industry standards and your organization's appetite/tolerance for risk. Without these, identifying future goals is destined to be a fruitless exercise.

As an example, let's say you set a goal of having all Windows systems patched within one week of new Microsoft patches being released. To set this as an effective goal, you would need to have already done the following:

  1. Baseline the current state of your patching performance - what is the current time frame for new patches to be applied?
  2. Understand your organization's risk tolerance - how long are unpatched systems acceptable?

Only by understanding these elements can you determine if a one-week patching window is actually a good, reasonable, achievable goal.

Introducing Siemplify v4.25

Kaustubh Jagtap September 25, 2018

Bringing Together Technologies, People and ProcessesYou ask and we deliver. Siemplify version 4.25, the latest release of our award-winning security orchestration, automation and response (SOAR) platform is here. Packed with features to make day-to-day security operations teams even more efficient and effective, this release introduces new machine learning capabilities, ways to get even more from our playbook editor, new KPI dashboard widgets and much more.

How to Get More from Your Existing Security Technologies

Meny Har September 19, 2018

The cybersecurity sprawl struggle is real.

Cybersecurity tools security orchestration

Quick - name 50 things that you're really good at. 

Security Operations Strategies for Winning the Cyberwar

Sarah Eck September 14, 2018

Thwarting cyber threats just takes a little security operations strategy

security operations strategy

Advice for staying ahead of cyberthreats abounds, yet most organizations still find themselves struggling to keep pace in a consistently evolving threat landscape. 

Security Automation Saves Money, Time and Work

Kim Crawley September 5, 2018

Security automation means a more efficient SOC, improving the bottom line

Security automation savings

The evolving threat landscape just gets more complex and brutal as time goes on. Targeted threats abound as advanced persistent threat campaigns, cyberwarfare, distributed denial of service attacks, and spearphishing. Meanwhile, zero-day vulnerabilities and exploits continue to be frequent occurrences. It’s a hostile cyber world out there, and it’s easy for organizations and enterprises to get overwhelmed. What if there was a solution that could be deployed that could cut down on the tedium that SOC analysts deal with? The right security automation tool can reduce your cases by 80%.

Security Operations Challenges Impeding SOC-cess - 2018 SANS Survey

Sarah Eck August 24, 2018

Lack of effectiveness metrics and orchestration/automation top list of security operations frustrations

The more things change, the more they stay the same. SANS recently released its 2018 Security Operations Survey, and we continue to see the same barriers to SOC performance and effectiveness rise to the top.

What You Should Know about Driving Down MTTD and MTTR

Matthew Pascucci August 16, 2018

Effectively connect people, process and technology to minimize MTTD and MTTR

There's a reason it's said that what gets measured gets managed. In order to successfully achieve a goal, you have to be able to measure progress. It's the only way to know if you're heading in the right direction. 

Do I Need a SIEM if I Have SOAR?

Nimmy Reichenberg August 14, 2018

Another year, another Black Hat has come and gone. On the show floor, we saw the continued momentum and interest building for security orchestration, automation and response (SOAR).  And as always, we met with a wide variety of security operations pros feeling the pressure of too many alerts, too many technologies and not enough process and automation to make it all work.

Creating a Foundation for Proactive Incident Response

Meny Har August 8, 2018

Proactive incident response

As a Boy Scout, you’re trained to be prepared - always in a state of readiness in mind and body to do your duty. And for many of us in cybersecurity, a sense of duty is what drew us to the industry in the first place. What happens when the mind and body are at the ready, but you don't have the right approach or tools to carry out your duty as you know you can and should?

Security Orchestration as a Catalyst for MSSP Speed to Market

Matthew Romano August 3, 2018

Security orchestration for MSSP speed to market


Security Orchestration Accelerates MSSP Scalability & New Service Development

The market for managed security services grew 9.5% in 2017, the result of continued adoption of services from large global providers and a steady influx of new competitors. The emergence and continued growth of the managed detection and response (MDR) category further fans the flames of growth and competition.

5 SOAR Implementation Pitfalls to Avoid

Sarah Eck July 23, 2018

The benefits of security orchestration, automation and response (SOAR) are many - if executed correctly

Security orchestration, automation and response (SOAR)

There’s no doubt, organizations around the globe are investing in security orchestration, automation and response (SOAR) solutions. While today, less than 1% of large enterprises use SOAR technologies, by 2020 15% of organizations with a security team of more than five are expected to leverage these tools.

Putting Your Incident Response Processes to the Test

Nir Loya July 8, 2018

Are You Regularly Testing Your Incident Response Processes?

Testing incident response process

Surely you remember it well. Your class being gathered and ushered into the centermost room of your school. Or being taken outside and counting off once you reached your designated place.

Selecting a Security Orchestration Vendor

Sarah Eck June 8, 2018

Have a clear criteria list when selecting a security orchestration vendor

Selecting security orchestration vendor

Security orchestration, automation and response (SOAR) vendors offer SOCs the best solution against the burgeoning problem of having too many security tools but not enough in-house talent to use them effectively. They enable security operations teams to integrate disparate cybersecurity technologies and processes into a more cohesive security ecosystem, in turn allowing these teams to work more efficiently against the growing onslaught of cyber threats.

Automated Incident Response - How Enterprises Benefit from it?

Jenya Shvetsov May 30, 2018

Automated Incident Response Addresses Key Security Operations Inefficiencies

In this era where cyber threats occur rapidly and nonstop, combining incident response and automation is becoming a necessity for enterprises and MSSPs seeking to keep their cyber defenses up around the clock. The following provides an overview covering all you need to know about automated incident response and how it can benefit your organization.

SOARing Above the Clouds of GDPR Compliance | Siemplify

Sarah Eck May 25, 2018

Security Orchestration Help Get Organizations Closer to GDPR Compliance


Happy GDPR Day! You're ready, right? Kicked back, feeling relaxed and compliant?

Introducing Siemplify Security Orchestration Version 4.0

Meny Har May 24, 2018

Continuously Innovating Security Orchestration and Automation

The Siemplify team is always adding and improving features based on feedback from our customers and partners. We’re excited to unveil version 4.0 of our cutting-edge security orchestration and automation platform. Filled with new functionality to further improve incident response processes for enterprises and MSSPs alike, here’s a look at what you can expect from our latest release.

The Role of Security Orchestration in Managed Detection | Siemplify

Nimmy Reichenberg May 14, 2018

Managed detection and response (MDR) is a fast-growing managed security offering focused on detecting and responding to threats that have bypassed traditional security controls. Gartner predicts by 2020, 15% of organizations will be using MDR - up from fewer than 1% today.

Anguish and Antidote - Overcoming Top CISO Challenges | Siemplify

Miguel Carrero May 2, 2018

CISO pain points

“Here's What’s Keeping Your CISO Up at Night"
“CISO Survey Paints a Grim Picture”
“Thirty-seven CISO Pain Points” 

Should You Stop Hiring Tier 1 SOC Analysts? | Siemplify

Nimmy Reichenberg April 17, 2018

shutterstock_378771547Much has been written about the death of the Tier 1 SOC analyst. To paraphrase Mark Twain, reports of that death are greatly exaggerated. A simple Glassdoor search yields 186 open positions that posted in just the last month. Is one of your open roles on that list?

Security Automation for Account Misuse | Siemplify

Meny Har April 12, 2018

Automating the triage and incident response for account misuse alerts

Well, here we are. Our fourth and final installment of this blog series on use cases that can benefit most from security automation. In case you've missed the prior posts, we have already covered automating the investigation of and response to phishing, malware and DLP alerts. 

Automate This: Security Automation for DLP Alerts | Siemplify

Meny Har April 5, 2018

Hey there, welcome back! We now proceed with the third installment of our four-part blog series. If this is the first time you're joining us, here's a quick recap of what we’ve talked about so far.

Security Automation for Malware Alerts

Meny Har March 30, 2018

Automating the triage and incident response for malware alerts

Welcome to the second post in our four-part blog series where we walk through the steps to automate some of the most common SOC processes. Last week, we went through applying security automation to the process of managing, investigating and responding to phishing alerts. This week, we take a look at addressing malware.

What SOC Managers Should Know about SOAR and Threat Intel | Siemplify

Sarah Eck March 28, 2018

"Information is a source of learning. But unless it is organized, processed, and available to the right people in a format for decision making, it is a burden, not a benefit."
                                                                                                                                              -William Pollard 

Security Automation for Phishing Alerts | Siemplify

Meny Har March 23, 2018

Automating triage and incident response of phishing alerts

Security orchestration and automation is an undeniably hot topic. Forrester named it one of the top 10 technology trends to watch in 2018-2020. So, it's clear there are lots of eyes on the space. But as SOC managers start to look at implementing security automation, they often find themselves asking, "where do I start?" 

your MSSP security orchestration shopping list | Siemplify

Miguel Carrero March 19, 2018

To say that MSSPs have a security orchestration challenge is the understatement of the century. But not just any security orchestration platform can satisfy the multi-tenant requirements of MSSPs.

BACK TO BASICS: What is security automation? | Siemplify

Nimmy Reichenberg March 12, 2018

Security automation back to basicsCybersecurity is full of terms, concepts, buzzwords and jargon that often get misused, overstated or muddled. That’s why, every now and again, we want to help you reground yourself in the true meaning of some of the most prevalent security terminology. 

Back to Basics: What is Security Orchestration?

Sarah Eck March 8, 2018


Some things just go together. Peanut butter and jelly. Gin and tonic. Bacon and more bacon. The same is true for security automation and orchestration. So much so that, the two often get used interchangeably. However, just like peanut butter will never actually be jelly, security orchestration and security automation aren’t the same thing.

Why Security Orchestration & Automation Play a Critical Role for MSSPs

Siemplify March 7, 2018

 Security Automation Orchestration for MSSPs-1.gif

Pop quiz: should you be automating? | Siemplify

Sarah Eck March 5, 2018


Are Cybersecurity Tools Enough? | Siemplify

Sarah Eck February 23, 2018
Thousands of tools to choose from, but nearly half of security alerts go uninvestigated. Feel familiar?

Cybersecurity Market

Hunters are fond of saying, “there’s no such thing as bad weather, only bad gear.” Essentially, if you have the right tool, no challenge is insurmountable. The cybersecurity industry agrees, it would seem, considering 72% of CISOs say they favor buying best-of-breed solutions over integrated ones because they are better suited to specific needs. With all due respect to hunters, when it comes to cybersecurity, the right tools are only half the story.

SOARing above the Security Talent Shortage

Nimmy Reichenberg January 3, 2018

security talent shortage

A lot has been said and written about the security talent shortage. A report by Cisco pegged the amount of unfilled cybersecurity jobs in 2019 at 1.5 million. A more recent report by Cybersecurity Ventures estimates 3.5 unfilled positions by 2021. Wherever the truth may lie, one thing is clear - the industry is not manufacturing cybersecurity professionals at a fast enough rate to meet current and future demand, so no one is expecting the security talent landscape to get better anytime soon.

Gartner releases SOAR Innovation Insight research | Siemplify

Siemplify December 14, 2017

Last week marked an important milestone for the Security Orchestration and Automation market. Gartner Research issued their most comprehensive research to date - Innovation Insight for Security Orchestration, Automation and Response or SOAR for short (Available to Gartner subscribers).

Impact of Security Orchestration & Automation on MSSPs

Siemplify December 6, 2017

Impact of Security Orchestration & Automation on MSSPs

When strategizing about methods of orchestration and automation, the industry often focuses on the needs of the traditional security operations center (SOC). However, coming up with solutions for security orchestration for MSSPs is of equal importance.

Are CISOs Ready to Trust Security Automation?

Siemplify November 21, 2017


For CISOs trying to keep a hold on securing the information and systems of their company, automating their security operations is an absolute must, of course within the context of a broader security orchestration approach.

4 Emerging Cyber Security Vulnerabilities You Should Know

Siemplify October 23, 2017


Symantec and Siemplify Team Up

Siemplify October 11, 2017

Symantec and Siemplify are excited to announce a partnership to deliver a fully integrated
 solution for threat management.


Data Exfiltration - Detect and Prevent Through Investigation

Siemplify October 3, 2017

Detect and Prevent Through Investigation

5 Colossal Cyber Security Incidents That Shocked The World

Siemplify September 25, 2017


Understanding The SOC Team Roles And Responsibilities

Siemplify September 20, 2017

Security Operations CenterBuilding an effective security operations center (SOC) is crucial for organizations of all sizes. Just like the companies themselves, every security team is different. Companies that recognize the importance of cybersecurity will invest the necessary amount to ensure that their data and systems remain safe and that their SOC team has the resources necessary to deal with threats. The security operations center roles and responsibilities are fairly straight-forward, but distinct in their requirements.

Cyber Security Analytics: Investigate, Manage & Automate

Siemplify September 10, 2017

Cyber Security Analytics

10 Signs You Should Invest In Security Automation

Siemplify September 3, 2017

security automation invest

The Phenomenon of Phishing Attacks: How to Protect Yourself

Siemplify August 2, 2017

Phishing attacks are nothing new and a stalwart of the hacker repertoire. The proliferation of phishing attacks both simple and sophisticated continues to frustrate security professionals across the globe. Earlier this year, one of these phishing attacks came en masse in the form of fake Google Docs invites. As word of the phishing scheme spread, the need for a fast, orchestrated response was made clear.

3 Best Ways to Approach Security Incident Management

Siemplify July 27, 2017

The landscape of Security Incident Management has altered drastically

Ten years ago, the term “security incident management” was not commonplace as it is today. With cyber attacks becoming increasingly frequent, industries are scattering in every which direction to figure out how to best approach security incident management. In short: today’s challenges are never ending and exceedingly complex. Newfound problems demand timely, efficient, and above all, effective solutions. Here are 3 ways to best approach security incident management in today’s volatile cybersecurity landscape:

Siemplify Announces the Deployment of ThreatNexus 2.0

Siemplify July 20, 2017

The demands and challenges within the scope of security operations are quite fierce. The problems plaguing security operations: alert fatigue, too many point solutions, shortage of analysts are well documented, and in many cases getting worse. These challenges are exacerbated with immense pressure driving burnout and high turnover among analysts.  

Why is Cyber Security Important - How To Avoid Threats

Siemplify July 19, 2017

In the ever growing battlefield of cyber security, it is nearly impossible to quantify the reasons why cyber security is important. Allowing malicious threats to run amok anywhere, at any time, and in any context is far from acceptable, and it especially applies to the intricate web of customer and company data that cyber security teams are striving to protect. In the never ending battle of good versus evil, doubling down on an effectively calculated cyber security strategy is paramount. There are a multitude of reasons to invest in new cyber security innovation for security operations teams, but we are going to break it down to a few important points:

Carbon Black and Siemplify Announce Integration Partnership

Siemplify July 14, 2017


Carbon Black and Siemplify are excited to announce a partnership to deliver a fully integrated solution for incident response. 

4 Best Practices For Building a Security Operations Center

Amos Stern July 9, 2017

Building a security operations centerYou have to know four things before building anything, whether it's something "simple" like assembling your new furniture from IKEA or breaking ground on an entire community of homes:

1. What you're building 

The Next Stage Of Security Automation - How Will It Evolve

Siemplify July 3, 2017

Before an organization can begin to analyze the benefits of security automation, a quick reminder of the threat faced by security breaches is necessary: According to the IBM Security Services 2014 Cyber Intelligence Index Analysis, in the region of 95% of security issues arising in companies and organizations occurred due to human error, and each lost data record cost on average $145 to a company. The report also found that the average company suffered from 91 million security events per year, of which over 100 could be classified as critical.

Petya Ransomware - How To Best Approach This Global Threat

Siemplify June 29, 2017

The recent cyber-attack caused disruption around the globe and has infected companies in an estimated 64 countries, including major banks, oil and gas organizations, law firms and advertising agencies. According to anti-virus vendor ESET, 80% of all infections were in Ukraine, with Germany second hardest hit with about 9%.

Siemplify partners with Palo Alto Networks for the launch of PAN App

Miguel Carrero June 21, 2017


Palo Alto Networks recent 2017 Ignite Conference in Vancouver truly lived up to its namesake. The conference is a firestorm of activity billed as a “yearly reinventing of how Palo Alto customers rapidly adopt the most compelling new security technologies in the market.”

Webcast: SOC of the Future - How to Run an Effective SOC

Siemplify May 21, 2017

Ransomware Attack Stuns the Globe, Security Orchestration-The Answer

Siemplify May 12, 2017
Hospitals throughout the UK were alerted early Friday morning of a potential ransomware attack, but by the time anyone could act, it was too late. The ransomware was already spreading and disrupting systems across the globe as part of a major infiltration. Ransomware remains one of the leading threats facing organizations today and is the Achilles heel of security teams struggling to keep up with multitudes of alerts.

Miguel Carrero Explores ESG - Siemplify Research

Siemplify May 10, 2017


Security Orchestration Made Simple: Effective Implementation Processes

Siemplify April 27, 2017

The challenges faced by a security operations center (SOC) are many and well-documented:
the workload is tremendous, while the workforce is limited, strained, and ill-equipped to handle the influx of alerts that constantly bombard their desktops.

The Top Priority Procedures For Incident Response

Siemplify April 25, 2017

Cybersecurity has become an increasingly challenging landscape to navigate. Having said that, there has been a constant evolution from conventional methods with which to combat threats. Enabling proper incident response through an efficient platform is part of our security orchestration specialty, and for good reason. By acknowledging your current security posture and evaluating your current tools and procedures, you are minimizing the impact attacks are capable of inflicting.

New Research On Security Orchestration, Automation & Incident Response

Siemplify April 24, 2017

In early 2017, Siemplify, in partnership with Enterprise Strategy Group (ESG), conducted extensive research on the priorities and challenges within security operations. There is no shortage of noise in the industry and we are committed to helping security leaders cut through that noise with hard data to drive real improvement in security operations.

Darkreading interviews Siemplify CEO Amos Stern on ESG Research

Siemplify April 13, 2017

Half of Security Pros Ignore Some Important Alerts

Short-staffed, more than half of organizations admit they ignore alerts that should be investigated because they lack resources to handle the overflow.

New York Department of Financial Services Cyber Security Regulation

Siemplify April 4, 2017


Security Orchestration addresses latest cybersecurity  regulation plaguing financial services industry.

From SIEM to Security Orchestration

Siemplify March 22, 2017

Over the last decade, SIEM solutions have been the cornerstone of security operations.  As investments in detection rose, these systems were tailored and re-engineered to take on more and more data, alerts and logging capabilities. While a valuable and integral part of most enterprise security footprints, it has also shed light on critical dependencies. What is the limit of alerts an organization can triage? How many analysts are needed to truly manage a growing number of cases? And most importantly, how do we drive efficiency and productivity throughout security operations? The market is presently responding to this need by defining Security Orchestration as the next level of technological sophistication capable of maximizing SIEMs large installed base.  

Security Operations Challenges and Priorities for 2017

Amos Stern March 6, 2017

We are only a few months into 2017, and cybersecurity issues continue to occupy news headlines. “America has a ‘cybersecurity crisis,”says CNBC. “Does Cyber Security Have An Operational Excellence Problem?” asks Forbes. It is no surprise, really. After all, hacks, breaches, and security stories have provided some of the biggest mainstream news items for several years. If these issues are worrying the mainstream, there is no doubt they consume industry leaders.

3 Essential Things To Include In Your Cyber Security Strategy

Siemplify March 4, 2017

In this day and age, we are constantly playing keep up with technology. On a personal and a workplace level, it feels like a new device or software is being released right around the time we master its predecessor. The same challenge exists in the realm of cyber security.

How to Build a Cyber Incident Response Plan | Siemplify

Siemplify February 16, 2017

Planning is Vital to a Successful Cyber Incident Response Program

Before embarking on anything new - buying a new house, taking a vacation, getting a new job - you usually start with a plan. You identify the neighborhood you want to live in, decide whether to hit the beach or go skiing, and have an idea of the amount of money you want to make so your efforts have direction. In short you plan your work and then work your plan.

So why isn't this approach always taken when it comes to cyber incident response? In this post, we will explore why planning matters and the elements that make up the foundation of any solid incident response program.

Cyber Incident Response Plan

Why Do You Need Cyber Incident Response?

Warren Buffett, the Oracle of Omaha, said cyber attacks are a bigger threat to humanity than nuclear weapons. While we aren't quite to doomsday levels yet, the number of attacks is doubling year over year, which means you're likely to be in the position of needing to respond to a cyber incident sooner rather than later, if you haven't had to do so already.

Cyber Incident Response is a Matter of Time

Time is of the essence in responding to a cyber attack, as the threat actor has likely been poking around your network for several weeks or months before your team discovers something is amiss.  The longer a threat actor can go undetected in your environment - also referred to as dwell time - the more damage that can be done to your organization. And while dwell times have been going down steadily each year, threat actors still have the advantage. Average dwell times are anywhere from 49 days or more, whereas a mid-level threat actor can infiltrate a network and exfil data in about a week.

Cyber Incident Response is a Matter of Reputation

Breaches can have a significant impact in the overall perception of a business and its brand. Sixty-five percent of customers affected by a breach lose trust in the organization, with 25% taking their business elsewhere. Your company's marketing department likely has this at the top of their list of worries, and so should you. Why? Reputation damage almost always has financial implications.

Cyber  Incident Response is a Matter of Money

It's no secret that breaches are expensive. The total cost of a successful cyber attack is typically in excess of $5 million, though this cost can be much higher. Shipping company Maersk reported losses of about $300 million stemming from the NotPetya attack in 2017.

In some cases, costs associated with breach recovery have more of an impact than the actual attack itself.  The City of Atlanta spent more than $2 million to recover from a ransomware attack that was demanding $52,000. 

Initial costs aside, the largest potential financial impact to a business is in lost revenue over time. The majority of consumers say  they would stop doing business with an organization if it experienced a data breach and 93% say they would take or consider taking legal action against an enterprise that has been breached.

A good cyber incident response plan can mean the difference between a quick recovery for your organization and long-term damage to your company's reputation and bottom line. 


Siemplify Wins 2017 Cutting Edge Incident Response Solution.

Siemplify February 14, 2017

Cyber Defense Magazine has announced that Siemplify has won the 2017 Award for Most Cutting Edge Incident Response Solution. Siemplify is thrilled to be showcased for its continuing leadership in incident response, security orchestration, and automation. The award will be presented to the Siemplify Executive team at the annual RSA Conference, taking place in San Francisco. This award closely follows Siemplify’s recent win of the 2017 CyberSecurity Excellence Awards for Fastest Growing Cyber Security Company.

Orchestration and Incident Response Platform for MSSP's

Siemplify February 13, 2017


Siemplify Awarded Fastest Growing Cyber Security Company

Siemplify February 10, 2017

cyber security company

In recognition of our accelerated growth and market demand Siemplify has been awarded the    2017 CyberSecurity Excellence Award for Fastest Growing Cyber Company. With our relentless focus on solving our customers’ most challenging security operations needs, we look forward to continuing to meet the growing demand for ThreatNexus Security Orchestration platform.

451 Research features Siemplify's security orchestration platform

Siemplify February 3, 2017

451 research

New report says “Siemplify SOC orchestration targets process quality and breadth, and analyst productivity.”

Webinar – Next Generation Analysts For Next Generation Threats

Siemplify February 2, 2017


Siemplify at RSA – What to look for

Siemplify January 26, 2017


Each year the security world descends on San Francisco for RSA – a week long showcase of products, people, parties and parting gifts delivering the best the cyber security industry has to offer. Siemplify is no stranger to RSA and will be out in force showcasing how we are setting the bar in Security Orchestration and Incident Response.

Top Cybersecurity Threats in 2017 - Siemplify

Siemplify January 19, 2017


With 2016 bringing political polarization into cybersecurity, we take a look into the top global cybersecurity threats in 2017

Siemplify makes top 10 list of cyber security companies

Siemplify January 10, 2017


Momentum Partners, a Cybersecurity focused advisory firm based in Silicon Valley has recognized Siemplify in their “Cyber Security Watch List” in acknowledgment of Siemplify’s “Tremendous Momentum” in Q4 and heading into 2017.


This report ranks Siemplify as one of the Top 10 hottest Cyber Security Companies to keep an eye on in the coming year. Drawing particular attention to Siemplify’s latest round of funding and the ThreatNexus Solution, Momentum Partners Highlights the most innovative Cyber Security Companies driving the future of the security landscape.

Siemplify Nominated for 2017 Cyber Defense Magazine InfoSec Award

Siemplify January 10, 2017


Siemplify is a proud nominee for the 2017 Cyber Defense Magazine InfoSec Awards in the Incident Response Category. Kicking off a stellar year with additional nominations for the 2017 CyberExcellence Awards, Siemplify is building on its industry relationships and claiming recognition from some of the cyber security world’s most active publications. Most recently, Siemplify CEO Amos Stern was featured in Cyber Defense Magazine’s December Issue in an article titled, “Orchestration is more than Automation“. Stern went on to point out that, “There is a delicate balance between human intervention and automation that requires the right underlying architecture and intelligence. Automation must be earned, not given”.

Siemplify Nominated for 2017 CyberSecurity Excellence Awards

Siemplify January 10, 2017


Siemplify is a proud nominee for the 2017 Cyber Defense Magazine InfoSec Awards in the Incident Response Category. Kicking off a stellar year with additional nominations for the 2017 CyberExcellence Awards, Siemplify is building on its industry relationships and claiming recognition from some of the cyber security world’s most active publications. Most recently, Siemplify CEO Amos Stern was featured in Cyber Defense Magazine’s December Issue in an article titled, “Orchestration is more than Automation“. Stern went on to point out that, “There is a delicate balance between human intervention and automation that requires the right underlying architecture and intelligence. Automation must be earned, not given”.

How Leading Organizations are Leveraging Security Orchestration

Siemplify January 10, 2017

Webinar: Next generation analysts for next generation threats – lessons from deploying best practices to hundreds of SOC teams!


Tuesday, January 24th, at 11:00 AM EDT (16:00:00 UTC)

Register now!

Applying Security Orchestration and Automation for Better ROI

Amos Stern January 4, 2017

Security Automation And Orchestration

It’s no secret that security operations are under fire. In most enterprises, the only thing standing between a normal day and a financially devastating data breach is the security analyst. Yet, despite decades of investment in cyber security protection, detection, and intelligence tools, the analyst lacks a centralized software platform to operationalize all of this data in time to effectively prevent breaches from occurring. Drowning in a sea of alerts, and with the business on the line, SOC analysts are desperately seeking solutions. Automation is being hailed as the answer.

Driving ROI from Threat Intelligence & Security Operations

Meny Har December 28, 2016

Over the last few years, the issue of corporate cyber security has gone high profile and accordingly, budgets allotted to combating malicious infiltrators have grown exponentially. According to Gartner, in 2016 security spending was set to grow 7.9 percent, and the typical 1000-employee company is spending approximately $15 million attempting to keep their enterprise safe.  With a significant chunk of that spend directed to Threat Intelligence feeds. Yet in the rush to gather as much intelligence as possible, many organizations lack the structure to translate this data into actionable intelligence and measurable improvement in security. At the same time, CISOs are increasingly under the gun to prove ROI from current and future security investments.

InfoSecurity Magazine Webinar: The Future of Security Operations

Meny Har December 7, 2016

A Million Analysts Won’t Save Your SOC: The Future of Security Operations

What is Cyber Ontology? Deliver Context for Orchestration

Garry Fatakhov December 7, 2016

The modern Security Operations Center (SOC) is a highly complex system of point tools, all designed to keep sensitive corporate data secure. Each of these tools creates disparate data points and incidents. Security analysts investigate the barrage of incidents and alerts, looking for clues while asking themselves: is this alert stemming from an actual event? What is the source of this alert? Has this been through our system before?

Duplicate Alerts Draining Security Analysts’ Time

Garry Fatakhov November 22, 2016



As cyber attacks continue to expand in number and severity, many organizations find that they are unable to deal with the threat effectively. To attempt to quell and contain these threats, the modern security operations center (SOC) has become a complicated patchwork of disparate tools, each one designed to target the problem from its own angle. As each additional tool does its job, it creates information that resides in its own silo, leading to an endless stream of alerts to be processed. As these alerts pour in, they flood analysts with excess data, leaving them unable to discern the real threat from the noise, leading to an inability to effectively respond.

Putting Threat Intelligence to Work

Ryan Snell November 8, 2016

Last month I attended the FS-ISAC Fall Summit and was thrilled to see the overwhelming interest in making security operations more efficient and automated—confirming that the financial industry is shifting from detection-heavy investment to the operationalization of security.

Preparing for Cyber Attacks on our Power Grids

Siemplify October 27, 2016

This month we participated in NERC’s 2016 annual Grid Security Conference bringing together cybersecurity and physical security experts from industry and government to share emerging security trends, policy advancements, and lessons learned related to the electricity sub-sector.

A Million Security Analysts Won’t Save Your SOC

Siemplify October 25, 2016

It’s no secret that companies across the world face serious challenges when it comes to designing and maintaining their Security Operations Centers (SOC).

Why it’s so difficult for SOC teams to trust automation

Siemplify October 18, 2016

sc-magazine-siemplify.pngThose managing corporate security environments can have mixed feelings towards automation. On the one hand, automation helps teams efficiently handle critical processes. On the other hand, over-reliance on automation can be dangerous. Automation is not a cure-all solution, but it has an important place in SOCs.

Why Financial Sector Socs Must Mature To Remain Secure

Siemplify October 11, 2016

Cyber criminals have their cross hairs firmly locked on the financial sector. Although financial institutions have long been primary targets for breaches, the challenges they face today are vastly different than those of the past. Once upon a time, robbing a bank involved devising a perfectly plotted and highly dangerous course of action, which only the most brazen attackers would dare attempt. The attacks of today are much subtler, so subtle, in fact, that they often go undetected by security teams.

FS-ISAC Fall Summit 2016

Siemplify October 10, 2016

Later this month we’re attending the FS-ISAC Fall Summit, an event dedicated to sharing the best security practices and trends among financial service institutions. One of our blue chip financial customers has illustrated the importance of such events, saying, “Look across the industry, we’re all trying to solve the same problem, but we’re all doing different things. There needs to be more sharing and collaboration at an industry level in order to keep our institutions safer.”

Shift To Response Requires Rethinking Security Infrastructure

Meny Har September 24, 2016

insecure-magazine-213x300.pngWhen it comes to corporate information security, it often feels like hackers have the advantage. In the September issue of (in)Secure Magazine , Siemplify CEO, Amos Stern, reviews the need to rethink security infrastructure in order to successfully transition from detection to response, saying, “…stop focusing solely on preventing breaches…What matters most is how and how fast your organization responds to threats.” Read what Stern has to say about this process, team efficiency, considering the whole story, and more  (article on page 42).

The Benefits of Semi-Automation

Meny Har September 7, 2016

In football, planning every move down to the smallest details is everything. Any coach worth his or her salt has a playbook of strategies and every move, as impulsive as it may seem, has been carefully calculated with perfect “If this, then that” precision, before it ever took place. Yet, although every play has been pre-charted, effective execution relies on the adaptability of players in the moment and a keen understanding of the adjustments that need to be made “in game”.

SOCs Require More Than a Band-Aid Approach

Garry Fatakhov August 31, 2016

SOC teams are tired of being held hostage to a sea of alerts, by disconnected point solutions (each proclaiming to be the holy grail), by manual processes, and by the shear limits of human horsepower. What can be done? What if you could actually cut investigation times from days to minutes? Shrink caseloads by 30% overnight? Triple the productivity of an individual analyst?

How To Propel The Next-gen Isoc - Siemplify

Gad Rosenthal August 29, 2016

The security operations center of an organization is essentially it’s eyes and ears, defining what elements should be given pass to entry and which ones must be kept out at all costs. The SOC is all that stands between the security and integrity of corporate data and the attackers looking to get their hands on whatever they can.
The very nature of the SOC is a highly complex and ever-expanding fabric of people, process and technology, trying to “keep it together” against threats, known and unknown. But as we have seen time and again, more tools and more people don’t necessarily equal more security. In the constantly evolving threat environment that organizations find themselves in today, they are going head to head with attackers using an overly complicated mix of tools that simply aren’t built to evolve.

CRN Exclusive: Siemplify Launches First Partner Program

Garry Fatakhov August 23, 2016

Siemplify™ today announced the launch of its Nucleus Channel Partner Program, which extends the reach of the company’s ThreatNexus™ security operations platform by making it available to partners and their customers on a national basis. 

Siemplify taking Security Channel by Storm

Garry Fatakhov August 23, 2016

As part of the recently announced Channel Partner Program, Siemplify’s Ryan Snell was interviewed by ChannelPartners Online.  “The biggest obstacle facing the security channel is the ‘security detection tool fatigue’ that has reached ‘bubble” status with customers”, Snell said.

Black Hat and Beyond - Siemplify

Siemplify July 31, 2016

As industry experts continue to stress the importance of becoming the next-generation SOC, it seems everyone struggles to grasp how to get there.

5 Reasons Why Security Operations Need More Than A SIEM

Siemplify June 13, 2016

SIEMs are mandatory tools for forensic security teams, aggregating logs from a multitude of sources, exploring within a dataset, and auditing thoroughly. But anyone who’s tried to run their security operations solely on a SIEM (Security Information and Event Management), knows all too well its limitations:

Next-Gen Security Operations Center in Action - Siemplify

Amos Stern May 1, 2016

Below is an eyewitness account we received from one of our U.S. bank customers following a security incident. Names and details have been withheld for confidentiality purposes.

Morgan Stanley and the CISO Dilemma

Amos Stern April 21, 2016

Last week I had the honor of speaking at the annual Morgan Stanley CTO Summit in London.  The Summit focused in part on what I believe is the fundamental problem facing cyber teams today: our inability to reduce the number of overall breaches. I suggested the answer calls for rethinking how security systems work together.

OPIsrael and the Value of Next Generation SOCs

Gad Rosenthal April 7, 2016

Today is an excellent opportunity to see how next generation SOC platforms are changing enterprise security. One of the biggest organized cyber attacks against Israeli organizations, #OPIsrael, is scheduled for today. It’s the kind of scenario that can overwhelm conventional security operation centers (SOCs) and one that brings out the value of the Siemplify platform. The Nature of the Threat The majority of attackers participating in #OPIsrael are hacktivist groups, like Anonymous. They will primarily be looking to launch distributed denial-of-service (DDOS) attacks against Israeli-related sites and publishing personal information (mainly credit card details):

Seeing Is Believing At RSA - Siemplify

Garry Fatakhov February 25, 2016

One of the most frequently asked questions about the Siemplify Threat Analysis Platform is how we compare to other cyber-security tools.  It’s a logical question, particularly seeing that we integrate with cyber-security tools, helping them be smarter and easier-to-use.  We’ll be demoing this very point at RSA next week.

Bringing Military Intelligence to Security Operations

Garry Fatakhov February 16, 2016

Transforming the way enterprises perform cyberthreat analysis, Siemplify emerged from stealth mode today with the first security operations platform to employ the same advanced cybersecurity methodologies used by leading military intelligence organizations. The Siemplify Threat Analysis Platform automatically correlates security alerts, identifies and prioritizes incidents, and graphically depicts the complete threat chain, setting new standards for time-to-insight and time-to-remediate. The Platform is available worldwide for commercial deployment. According to a study conducted by HP and the Ponemon Institute, companies need an average of 46 days to resolve a cyberattack. “The problem is not detection per se but discerning the threats hidden in the noise of thousands of alerts generated by the disparate security monitoring systems,” said Amos Stern, CEO and co-founder of Siemplify. “This makes it impossible to see the broader attack chain and identify root cause quickly.”

Something Powerful

Tell The Reader More

The headline and subheader tells us what you're offering, and the form header closes the deal. Over here you can explain why your offer is so great it's worth filling out a form for.


  • Bullets are great
  • For spelling out benefits and
  • Turning visitors into leads.

Subscribe to Email Updates

Top Stories