Intelligent Machine Learning for Better SOC Management
The Siemplify security orchestration platform gets smarter with each case to expedite threat analysis and remediation. Siemplify’s machine learning algorithms now recommend the best analyst to handle a particular threat based on previous case assignments.
Additionally, the system now displays cases that are similar to the case under review, allowing analysts to review how a particular case was handled in the past.
Fig. 1: Siemplify provides recommendations for the best analyst to work a case and lists similar cases for reference.
Enhanced Playbook Editor Drives Improved Incident Response
Designing and customizing playbooks has never been easier. Siemplify's fast, responsive interface enables security operations teams to duplicate/clone playbooks with the click of a button as well as save multiple versions of the same playbook and restore previous versions. To further save time and continuously improve, playbook designers can add/remove/merge/unmerge branches in a playbook without needing to recreate the entire workflow.
Fig. 2: Create, clone and manage playbooks with a single click.
Fig. 3: Add/remove/merge/unmerge playbook branches on the fly.
Measure and Manage SOC KPIs with Robust Dashboards
Security analysts, SOC managers and CISOs can now get an even better view of SOC performance with additional SOC KPI widgets for enhanced visibility and continuous improvement. Dynamically measure mean time to detection (MTTD), mean time to respond (MTTR) and mean time to containment (MTTC) and export dashboards to PDF for easier sharing.
Fig. 4: Utilize new widgets and easily export dashboards to PDF
Additional Security Orchestration, Automation & Incident Response Features
Siemplify's security orchestration and automation platform continues to expand its capabilities to equip security operations teams around the globe to make better decisions, faster. Additional features in version 4.25 include:
- Upgraded case wall for enhanced collaboration
- Additional entity types for threat mapping
- Upgraded SLA mechanism
- Deeper search functionality
- Expanded case management capabilities
Check out version 4.25 of our security orchestration and automation platform for yourself. Request a demo to see how you can start orchestrating your security technologies and improving your incident response processes.