SOARing above the Security Talent Shortage

Nimmy Reichenberg January 3, 2018


A lot has been said and written about the security talent shortage. A report by Cisco pegged the number of unfilled cybersecurity jobs in 2019 at 1.5 million. A more recent report by Cybersecurity Ventures estimates 3.5 unfilled positions by 2021. Wherever the truth may lie, one thing is clear - the industry is not manufacturing cybersecurity professionals at a fast enough rate to meet current and future demand, so no one is expecting the security talent landscape to get better anytime soon.

Gartner releases SOAR Innovation Insight research

Siemplify December 14, 2017

Last week marked an important milestone for the Security Orchestration and Automation market. Gartner Research issued its most comprehensive research to date: Innovation Insight for Security Orchestration, Automation and Response, or SOAR for short (available to Gartner subscribers).

Impact of Security Orchestration & Automation on MSSPs

Siemplify December 6, 2017

When strategizing about methods of orchestration and automation, the industry often focuses on the needs of the traditional security operations center (SOC). However, coming up with solutions for security orchestration for MSSPs is of equal importance.

Are CISOs Ready to Trust Security Automation?

Siemplify November 21, 2017


For CISOs trying to secure their company's information and systems, automating security operations is an absolute must, within the context of a broader security orchestration approach.

Why Security Orchestration & Automation Play a Critical Role for MSSPs

Siemplify November 1, 2017

4 Emerging Cyber Security Vulnerabilities You Should Know

Siemplify October 23, 2017


Symantec and Siemplify Team Up

Siemplify October 11, 2017

Symantec and Siemplify are excited to announce a partnership to deliver a fully integrated solution for threat management.


Data Exfiltration - Detect and Prevent Through Investigation

Siemplify October 3, 2017

5 Colossal Cyber Security Incidents That Shocked The World

Siemplify September 25, 2017


Understanding The SOC Team Roles And Responsibilities

Siemplify September 20, 2017


Cyber Security Analytics: Investigate, Manage & Automate

Siemplify September 10, 2017

10 Signs You Should Invest In Security Automation

Siemplify September 3, 2017

MOST USED PLAYBOOKS OF 2017 #1: Phishing Playbook

Siemplify August 21, 2017

The Most Used Playbook Of 2017 series brings you the production playbooks noted by our professional services team as being most utilized and favored by customer SOCs. These playbooks implement best practice workflows for alert handling, alerts investigation, incident response and automation plans.

The Phenomenon of Phishing Attacks: How to Protect Yourself

Siemplify August 2, 2017

Phishing attacks are nothing new and a stalwart of the hacker repertoire. The proliferation of phishing attacks both simple and sophisticated continues to frustrate security professionals across the globe. Earlier this year, one of these phishing attacks came en masse in the form of fake Google Docs invites. As word of the phishing scheme spread, the need for a fast, orchestrated response was made clear.

3 Best Ways to Approach Security Incident Management

Siemplify July 27, 2017

The landscape of Security Incident Management has altered drastically

Ten years ago, the term “security incident management” was not commonplace as it is today. With cyber attacks becoming increasingly frequent, industries are scattering in every which direction to figure out how to best approach security incident management. In short: today’s challenges are never ending and exceedingly complex. Newfound problems demand timely, efficient, and above all, effective solutions. Here are 3 ways to best approach security incident management in today’s volatile cybersecurity landscape:

Siemplify Proudly Announces the Deployment of ThreatNexus 2.0 - Setting the Standard for Security Operations

Siemplify July 20, 2017

The demands and challenges within the scope of security operations are quite fierce. The problems plaguing security operations (alert fatigue, too many point solutions, a shortage of analysts) are well documented, and in many cases getting worse. These challenges are exacerbated by immense pressure driving burnout and high turnover among analysts.

Why is Cyber Security Important - How To Avoid Threats

Siemplify July 19, 2017

In the ever growing battlefield of cyber security, it is nearly impossible to quantify the reasons why cyber security is important. Allowing malicious threats to run amok anywhere, at any time, and in any context is far from acceptable, and it especially applies to the intricate web of customer and company data that cyber security teams are striving to protect. In the never ending battle of good versus evil, doubling down on an effectively calculated cyber security strategy is paramount. There are a multitude of reasons to invest in new cyber security innovation for security operations teams, but we are going to break it down to a few important points:

Carbon Black and Siemplify Announce Integration Partnership

Siemplify July 14, 2017


Carbon Black and Siemplify are excited to announce a partnership to deliver a fully integrated solution for incident response. 

3 Best Practices For Building a Security Operations Center

Siemplify July 9, 2017

Building a sufficient security operations center (SOC) is no easy feat, not by a long shot. In analyzing the ideas and tools to use as your SOC’s cornerstone, you have to come up with a tailor-made solution for your unique set of circumstances. The harsh truth is that increasing your security budget alone cannot and will not adequately cover your bases. You have to utilize foresight and build your SOC on a base of knowledge instead. Below are 3 of the best ideas and practices to keep in mind while conceptualizing, developing and building a security operations center.

The Next Stage Of Security Automation - How Will It Evolve

Siemplify July 3, 2017

Before an organization can begin to analyze the benefits of security automation, a quick reminder of the threat faced by security breaches is necessary: According to the IBM Security Services 2014 Cyber Intelligence Index Analysis, in the region of 95% of security issues arising in companies and organizations occurred due to human error, and each lost data record cost on average $145 to a company. The report also found that the average company suffered from 91 million security events per year, of which over 100 could be classified as critical.

Petya Ransomware - How To Best Approach This Global Threat

Siemplify June 29, 2017

The recent cyber-attack caused disruption around the globe and has infected companies in an estimated 64 countries, including major banks, oil and gas organizations, law firms and advertising agencies. According to anti-virus vendor ESET, 80% of all infections were in Ukraine, with Germany second hardest hit with about 9%.

Siemplify partners with Palo Alto Networks for the launch of PAN Application Framework, shaping the future of cyber security

Miguel Carrero June 21, 2017


Palo Alto Networks’ recent 2017 Ignite Conference in Vancouver truly lived up to its name. The conference is a firestorm of activity billed as a “yearly reinventing of how Palo Alto customers rapidly adopt the most compelling new security technologies in the market.”

Webcast: SOC of the Future -- How to Run an Effective SOC

Siemplify May 21, 2017

Ransomware Attack Stuns the Globe, Security Orchestration Emerges as the Answer

Siemplify May 12, 2017

Hospitals throughout the UK were alerted early Friday morning of a potential ransomware attack, but by the time anyone could act, it was too late. The ransomware was already spreading and disrupting systems across the globe as part of a major infiltration. Ransomware remains one of the leading threats facing organizations today and is the Achilles heel of security teams struggling to keep up with multitudes of alerts.

Webcast: Former ArcSight Head Miguel Carrero Explores ESG-Siemplify Research

Siemplify May 10, 2017


Security Orchestration Made Simple: Effective Implementation Processes

Siemplify April 27, 2017

The challenges faced by a security operations center (SOC) are many and well-documented: the workload is tremendous, while the workforce is limited, strained, and ill-equipped to handle the influx of alerts that constantly bombard their desktops.

The Top Priority Procedures For Incident Response

Siemplify April 25, 2017

Cybersecurity has become an increasingly challenging landscape to navigate. Having said that, there has been a constant evolution from conventional methods with which to combat threats. Enabling proper incident response through an efficient platform is part of our security orchestration specialty, and for good reason. By acknowledging your current security posture and evaluating your current tools and procedures, you are minimizing the impact attacks are capable of inflicting.

New Research On Security Orchestration, Automation and Incident Response

Siemplify April 24, 2017

In early 2017, Siemplify, in partnership with Enterprise Strategy Group (ESG), conducted extensive research on the priorities and challenges within security operations. There is no shortage of noise in the industry and we are committed to helping security leaders cut through that noise with hard data to drive real improvement in security operations.

Darkreading interviews Siemplify CEO Amos Stern on ESG Research

Siemplify April 13, 2017

Half of Security Pros Ignore Some Important Alerts

Short-staffed, more than half of organizations admit they ignore alerts that should be investigated because they lack resources to handle the overflow.

Responding to the New York Department of Financial Services Cyber Security Regulation

Siemplify April 4, 2017


Security Orchestration addresses latest cybersecurity regulation plaguing financial services industry.

From SIEM to Security Orchestration

Siemplify March 22, 2017

Over the last decade, SIEM solutions have been the cornerstone of security operations. As investments in detection rose, these systems were tailored and re-engineered to take on more and more data, alerts and logging capabilities. While a valuable and integral part of most enterprise security footprints, the SIEM has also shed light on critical dependencies. What is the limit of alerts an organization can triage? How many analysts are needed to truly manage a growing number of cases? And most importantly, how do we drive efficiency and productivity throughout security operations? The market is presently responding to this need by defining Security Orchestration as the next level of technological sophistication capable of maximizing SIEM’s large installed base.

Security Operations Challenges and Priorities for 2017

Amos Stern March 6, 2017

We are only a few months into 2017, and cybersecurity issues continue to occupy news headlines. “America has a ‘cybersecurity crisis,’” says CNBC. “Does Cyber Security Have An Operational Excellence Problem?” asks Forbes. It is no surprise, really. After all, hacks, breaches, and security stories have provided some of the biggest mainstream news items for several years. If these issues are worrying the mainstream, there is no doubt they consume industry leaders.

3 Essential Things To Include In Your Cyber Security Strategy

Siemplify March 4, 2017

In this day and age, we are constantly playing keep up with technology. On a personal and a workplace level, it feels like a new device or software is being released right around the time we master its predecessor. The same challenge exists in the realm of cyber security.

The Benefits of a Cyber Incident Response Plan

Siemplify February 16, 2017

In this day and age, we are constantly playing keep up with technology. On a personal and a workplace level, it feels like a new device or software is being released right around the time we master its predecessor. The same challenge exists in the realm of cyber security.



Siemplify Wins 2017 Cutting Edge Incident Response Solution.

Siemplify February 14, 2017

Cyber Defense Magazine has announced that Siemplify has won the 2017 Award for Most Cutting Edge Incident Response Solution. Siemplify is thrilled to be showcased for its continuing leadership in incident response, security orchestration, and automation. The award will be presented to the Siemplify Executive team at the annual RSA Conference, taking place in San Francisco. This award closely follows Siemplify’s recent win of the 2017 CyberSecurity Excellence Awards for Fastest Growing Cyber Security Company.

Orchestration and Incident Response Platform for MSSP's

Siemplify February 13, 2017


Siemplify Awarded Fastest Growing Cyber Security Company

Siemplify February 10, 2017


In recognition of our accelerated growth and market demand, Siemplify has been awarded the 2017 CyberSecurity Excellence Award for Fastest Growing Cyber Company. With our relentless focus on solving our customers’ most challenging security operations needs, we look forward to continuing to meet the growing demand for the ThreatNexus Security Orchestration platform.

451 Research features Siemplify's security orchestration platform

Siemplify February 3, 2017


New report says “Siemplify SOC orchestration targets process quality and breadth, and analyst productivity.”

Webinar – Next Generation Analysts For Next Generation Threats

Siemplify February 2, 2017


Siemplify at RSA – What to look for

Siemplify January 26, 2017


Each year the security world descends on San Francisco for RSA – a week long showcase of products, people, parties and parting gifts delivering the best the cyber security industry has to offer. Siemplify is no stranger to RSA and will be out in force showcasing how we are setting the bar in Security Orchestration and Incident Response.

Top Cybersecurity Threats in 2017 - Siemplify

Siemplify January 19, 2017


With 2016 bringing political polarization into cybersecurity, we take a look into the top global cybersecurity threats in 2017

Siemplify makes top 10 list of cyber security companies to watch in 2017

Siemplify January 10, 2017


Momentum Partners, a cybersecurity-focused advisory firm based in Silicon Valley, has recognized Siemplify in their “Cyber Security Watch List” in acknowledgment of Siemplify’s “Tremendous Momentum” in Q4 and heading into 2017. This report ranks Siemplify as one of the Top 10 hottest Cyber Security Companies to keep an eye on in the coming year. Drawing particular attention to Siemplify’s latest round of funding and the ThreatNexus Solution, Momentum Partners highlights the most innovative Cyber Security Companies driving the future of the security landscape.

Siemplify Nominated for 2017 Cyber Defense Magazine InfoSec Award

Siemplify January 10, 2017

Siemplify is a proud nominee for the 2017 Cyber Defense Magazine InfoSec Awards in the Incident Response Category. Kicking off a stellar year with additional nominations for the 2017 CyberExcellence Awards, Siemplify is building on its industry relationships and claiming recognition from some of the cyber security world’s most active publications. Most recently, Siemplify CEO Amos Stern was featured in Cyber Defense Magazine’s December Issue in an article titled, “Orchestration is more than Automation”. Stern went on to point out that, “There is a delicate balance between human intervention and automation that requires the right underlying architecture and intelligence. Automation must be earned, not given”.

Siemplify Nominated for 2017 CyberSecurity Excellence Awards

Siemplify January 10, 2017


Siemplify is a proud nominee for the 2017 Cyber Defense Magazine InfoSec Awards in the Incident Response Category. Kicking off a stellar year with additional nominations for the 2017 CyberExcellence Awards, Siemplify is building on its industry relationships and claiming recognition from some of the cyber security world’s most active publications. Most recently, Siemplify CEO Amos Stern was featured in Cyber Defense Magazine’s December Issue in an article titled, “Orchestration is more than Automation”. Stern went on to point out that, “There is a delicate balance between human intervention and automation that requires the right underlying architecture and intelligence. Automation must be earned, not given”.

How Leading Organizations are Leveraging Security Orchestration

Siemplify January 10, 2017

Webinar: Next generation analysts for next generation threats – lessons from deploying best practices to hundreds of SOC teams!


Tuesday, January 24th, at 11:00 AM EDT (16:00:00 UTC)

Security Orchestration is more than Automation

Amos Stern January 4, 2017


It’s no secret that security operations are under fire. In most enterprises, the only thing standing between a normal day and a financially devastating data breach is the security analyst. Yet, despite decades of investment in cyber security protection, detection, and intelligence tools, the analyst lacks a centralized software platform to operationalize all of this data in time to effectively prevent breaches from occurring. Drowning in a sea of alerts, and with the business on the line, SOC analysts are desperately seeking solutions. Automation is being hailed as the answer.

Driving ROI from Threat Intelligence & Security Operations

Meny Har December 28, 2016

Over the last few years, the issue of corporate cyber security has gone high profile and accordingly, budgets allotted to combating malicious infiltrators have grown exponentially. According to Gartner, in 2016 security spending was set to grow 7.9 percent, and the typical 1000-employee company is spending approximately $15 million attempting to keep their enterprise safe, with a significant chunk of that spend directed to Threat Intelligence feeds. Yet in the rush to gather as much intelligence as possible, many organizations lack the structure to translate this data into actionable intelligence and measurable improvement in security. At the same time, CISOs are increasingly under the gun to prove ROI from current and future security investments.

InfoSecurity Magazine Webinar: The Future of Security Operations

Meny Har December 7, 2016

A Million Analysts Won’t Save Your SOC: The Future of Security Operations

What is Cyber Ontology? Deliver Context for Orchestration

Garry Fatakhov December 7, 2016

The modern Security Operations Center (SOC) is a highly complex system of point tools, all designed to keep sensitive corporate data secure. Each of these tools creates disparate data points and incidents. Security analysts investigate the barrage of incidents and alerts, looking for clues while asking themselves: is this alert stemming from an actual event? What is the source of this alert? Has this been through our system before?

Duplicate Alerts Draining Security Analysts’ Time

Garry Fatakhov November 22, 2016



As cyber attacks continue to expand in number and severity, many organizations find that they are unable to deal with the threat effectively. To attempt to quell and contain these threats, the modern security operations center (SOC) has become a complicated patchwork of disparate tools, each one designed to target the problem from its own angle. As each additional tool does its job, it creates information that resides in its own silo, leading to an endless stream of alerts to be processed. As these alerts pour in, they flood analysts with excess data, leaving them unable to discern the real threat from the noise, leading to an inability to effectively respond.

Putting Threat Intelligence to Work

Ryan Snell November 8, 2016

Last month I attended the FS-ISAC Fall Summit and was thrilled to see the overwhelming interest in making security operations more efficient and automated—confirming that the financial industry is shifting from detection-heavy investment to the operationalization of security.

Preparing for Cyber Attacks on our Power Grids

Siemplify October 27, 2016

This month we participated in NERC’s 2016 annual Grid Security Conference bringing together cybersecurity and physical security experts from industry and government to share emerging security trends, policy advancements, and lessons learned related to the electricity sub-sector.

A Million Security Analysts Won’t Save Your SOC

Siemplify October 25, 2016

It’s no secret that companies across the world face serious challenges when it comes to designing and maintaining their Security Operations Centers (SOC).

SC Magazine Article: Why it’s so difficult for SOC teams to trust automation

Siemplify October 18, 2016

Those managing corporate security environments can have mixed feelings towards automation. On the one hand, automation helps teams efficiently handle critical processes. On the other hand, over-reliance on automation can be dangerous. Automation is not a cure-all solution, but it has an important place in SOCs.

Why Financial Sector SOCs Must Mature To Remain Secure

Siemplify October 11, 2016

Cyber criminals have their cross hairs firmly locked on the financial sector. Although financial institutions have long been primary targets for breaches, the challenges they face today are vastly different than those of the past. Once upon a time, robbing a bank involved devising a perfectly plotted and highly dangerous course of action, which only the most brazen attackers would dare attempt. The attacks of today are much subtler, so subtle, in fact, that they often go undetected by security teams.

FS-ISAC Fall Summit 2016

Siemplify October 10, 2016

Later this month we’re attending the FS-ISAC Fall Summit, an event dedicated to sharing the best security practices and trends among financial service institutions. One of our blue chip financial customers has illustrated the importance of such events, saying, “Look across the industry, we’re all trying to solve the same problem, but we’re all doing different things. There needs to be more sharing and collaboration at an industry level in order to keep our institutions safer.”

Shift To Response Requires Rethinking Security Infrastructure

Meny Har September 24, 2016

When it comes to corporate information security, it often feels like hackers have the advantage. In the September issue of (in)Secure Magazine, Siemplify CEO, Amos Stern, reviews the need to rethink security infrastructure in order to successfully transition from detection to response, saying, “…stop focusing solely on preventing breaches…What matters most is how and how fast your organization responds to threats.” Read what Stern has to say about this process, team efficiency, considering the whole story, and more (article on page 42).

The Benefits of Semi-Automation | Siemplify

Meny Har September 7, 2016

In football, planning every move down to the smallest details is everything. Any coach worth his or her salt has a playbook of strategies and every move, as impulsive as it may seem, has been carefully calculated with perfect “If this, then that” precision, before it ever took place. Yet, although every play has been pre-charted, effective execution relies on the adaptability of players in the moment and a keen understanding of the adjustments that need to be made “in game”.

SOCs Require More Than a Band-Aid Approach

Garry Fatakhov August 31, 2016

SOC teams are tired of being held hostage to a sea of alerts, by disconnected point solutions (each proclaiming to be the holy grail), by manual processes, and by the sheer limits of human horsepower. What can be done? What if you could actually cut investigation times from days to minutes? Shrink caseloads by 30% overnight? Triple the productivity of an individual analyst?

How To Propel The Next-gen Isoc - Siemplify

Gad Rosenthal August 29, 2016

The security operations center of an organization is essentially its eyes and ears, defining which elements should be allowed in and which ones must be kept out at all costs. The SOC is all that stands between the security and integrity of corporate data and the attackers looking to get their hands on whatever they can.
The very nature of the SOC is a highly complex and ever-expanding fabric of people, process and technology, trying to “keep it together” against threats, known and unknown. But as we have seen time and again, more tools and more people don’t necessarily equal more security. In the constantly evolving threat environment that organizations find themselves in today, they are going head to head with attackers using an overly complicated mix of tools that simply aren’t built to evolve.

CRN Exclusive: Siemplify Launches First Partner Program

Garry Fatakhov August 23, 2016

Siemplify™ today announced the launch of its Nucleus Channel Partner Program, which extends the reach of the company’s ThreatNexus™ security operations platform by making it available to partners and their customers on a national basis. 

Siemplify taking Security Channel by Storm

Garry Fatakhov August 23, 2016

As part of the recently announced Channel Partner Program, Siemplify’s Ryan Snell was interviewed by ChannelPartners Online. “The biggest obstacle facing the security channel is the ‘security detection tool fatigue’ that has reached ‘bubble’ status with customers”, Snell said.

Black Hat and Beyond - Siemplify

Siemplify July 31, 2016

As industry experts continue to stress the importance of becoming the next-generation SOC, it seems everyone struggles to grasp how to get there.

5 Reasons Why Security Operations Need More Than A SIEM

Siemplify June 13, 2016

SIEMs are mandatory tools for forensic security teams, aggregating logs from a multitude of sources, exploring within a dataset, and auditing thoroughly. But anyone who’s tried to run their security operations solely on a SIEM (Security Information and Event Management), knows all too well its limitations:

Next-Gen Security Operations Center in Action - Siemplify

Amos Stern May 1, 2016

Below is an eyewitness account we received from one of our U.S. bank customers following a security incident. Names and details have been withheld for confidentiality purposes.

Morgan Stanley and the CISO Dilemma

Amos Stern April 21, 2016

Last week I had the honor of speaking at the annual Morgan Stanley CTO Summit in London.  The Summit focused in part on what I believe is the fundamental problem facing cyber teams today: our inability to reduce the number of overall breaches. I suggested the answer calls for rethinking how security systems work together.

OPIsrael and the Value of Next Generation SOCs

Gad Rosenthal April 7, 2016

Today is an excellent opportunity to see how next generation SOC platforms are changing enterprise security. One of the biggest organized cyber attacks against Israeli organizations, #OPIsrael, is scheduled for today. It’s the kind of scenario that can overwhelm conventional security operation centers (SOCs) and one that brings out the value of the Siemplify platform.

The Nature of the Threat

The majority of attackers participating in #OPIsrael are hacktivist groups, like Anonymous. They will primarily be looking to launch distributed denial-of-service (DDOS) attacks against Israeli-related sites and publishing personal information (mainly credit card details):

Seeing Is Believing At RSA - Siemplify

Garry Fatakhov February 25, 2016

One of the most frequently asked questions about the Siemplify Threat Analysis Platform is how we compare to other cyber-security tools. It’s a logical question, particularly seeing that we integrate with cyber-security tools, helping them be smarter and easier-to-use. We’ll be demoing this very point at RSA next week.

Bringing Military Intelligence to Security Operations

Garry Fatakhov February 16, 2016

Transforming the way enterprises perform cyberthreat analysis, Siemplify emerged from stealth mode today with the first security operations platform to employ the same advanced cybersecurity methodologies used by leading military intelligence organizations. The Siemplify Threat Analysis Platform automatically correlates security alerts, identifies and prioritizes incidents, and graphically depicts the complete threat chain, setting new standards for time-to-insight and time-to-remediate. The Platform is available worldwide for commercial deployment. According to a study conducted by HP and the Ponemon Institute, companies need an average of 46 days to resolve a cyberattack. “The problem is not detection per se but discerning the threats hidden in the noise of thousands of alerts generated by the disparate security monitoring systems,” said Amos Stern, CEO and co-founder of Siemplify. “This makes it impossible to see the broader attack chain and identify root cause quickly.”

The Future of Security Operations - Siemplify

Amos Stern February 16, 2016

For the past 13 years, I’ve been heavily involved in the military intelligence community and the cyber security industry, setting up cyber defenses and training security personnel from leading enterprises and government organizations. During that time, I saw first-hand how cyber tools failed to address the operational challenges faced by security teams. So I teamed up with Alon and Garry to build a new kind of security operations center (SOC) platform. The Siemplify Threat Analysis Platform, which we launched today, is built from the ground up to address today’s real-world security challenges. It brings a “command-and-control” model to the SOC, combining real-time threat analytics, visual investigation, and incident response. See, what I found repeatedly when engaging with SOC teams was that all too often they were alerted to a threat — and a thousand other items. In fact, the security teams were inundated with so many alerts that they couldn’t identify the relevant ones. When they did identify threats, they lacked the visual tools to map and analyze them. The teams were further hampered by having to switch between security tools and tap into data repositories spread across the enterprise, which often necessitated mastering complex query and technical skills.

Why So Many Alerts

Threat detection is not a binary decision of “block” or “allow.” Security tools can’t always be 100 percent certain they will alert when something is suspicious. Because there are many fronts to protect there will inevitably be many different detection systems responsible for a different layer in the organization. This creates a situation in which detection systems fire off alerts individually and agnostically, giving security teams only pieces of the puzzle. Security teams are forced to analyze and make sense out of all this machine data and build the bigger picture.

As more detection systems are added and attacks become more sophisticated, building that picture has become exponentially more complex. Minor, routine incidents trigger a flood of alerts that distract security teams. Threat actors leverage this fact to simultaneously employ multiple types of attacks and multiple attacks of the same type to generate a tidal wave of alerts, masking their true goals.

The Answer: A New Kind of SOC Platform

To solve the challenges of modern threat detection, we drew on our experience in military intelligence. Like cyber-security analysts, military intelligence analysts are expected to analyze and investigate threats, and initiate appropriate action. And like security analysts, intelligence analysts are hired for their ability to understand the meaning of data, not their technical ability to write a database query. And as such, the tools available to intelligence analysts aim to eliminate the technical complexity of intelligence analysis. They process, normalize and correlate the raw alerts and data coming from various surveillance sources, allowing the intelligence analysts to focus on the bigger picture and easily initiate the necessary response. SOC platforms need to adopt a similar role and focus on enhancing human cognitive abilities. They need to be “command-and-control platforms” and eliminate as much complexity of threat analysis and incident response as possible. They also need to level up and make threat analysis and incident response easier by acting as a security integration fabric, pulling all available security tools and analytics into a single pane-of-glass. Security analysts would then be able to focus on their real job – understanding the patterns and higher order of meaning of security events. More specifically, such a SOC platform should:
