DFLabs Innovative Open Framework Enables Fine Grained Integration of SOAR and Security Tools

SOCs and MSSPs Can Now Add Unique Incident Response Actions to IncMan SOAR Platform without Coding Experience

BOSTON & MILAN--()--DFLabs, the award-winning Security Orchestration, Automation and Response (SOAR) vendor, today announced a new version of the IncMan SOAR platform that provides an open integration framework for customizing and adding new automated integrations between security tools and IncMan SOAR, without the need for complex coding. This capability enables security teams to easily add and orchestrate new functions between IncMan SOAR and third party products in order to address unique requirements and workflows.

Organizations can now easily extend the existing IncMan SOAR product integrations with new functions they require. For example, an enterprise using a vulnerability assessment tool may want to exclude a legacy application from being scanned due to concerns it may cause unexpected failures. A specific action, which would prevent custom scans of the application from automatically being initiated through an IncMan Runbook, can be added in just minutes.

For complete flexibility, IncMan SOAR defines all integrations at the action level, not as one monolithic file. This allows users to easily add actions to existing integrations without the need to modify existing code and enables portability and sharing at the action level. To provide additional security and eliminate the risk of conflicting libraries, execution of each integration occurs within a unique Docker container that is easy to configure.

“Every IT environment is unique and has different requirements when it comes to automation of security actions,” said Michele Zambelli, CTO of DFLabs. “The IncMan SOAR open integration framework replaces the proprietary vendor orchestration model between security tools with a new open approach that puts enterprises and MSSPs in complete control of which actions they want, and don’t want, to automate for incident response.”

DFLabs’ new open integration framework is part of DFLabs’ commitment to delivering a more open, community oriented solution to automation and orchestration. Over the next several months, DFLabs will be introducing several new innovations to further its goals for increasing user, MSSP, partner and community involvement.

Additional Enhancements
In addition to the open integration framework, the new version if IncMan SOAR includes an enhanced REST API that allow users to extend and integrate security automation and orchestration with other processes in new and exciting ways. DFLabs will continue to add new functionality to this REST API, to provide broader extensibility for customers and integration partners.

To enable granular control over which events are forwarded to the START Triage module for enrichment and to validate whether they should be converted directly into a security incident, IncMan SOAR now accept inputs for START Triage from any supported data ingestion methods, including syslog, email and the API.

About DFLabs IncMan SOAR

DFLabs IncMan SOAR is the only platform capable of full security incident lifecycle automation. Its patent pending R3 Rapid Response Runbooks use hundreds of automated actions to provide workflows and execute a variety of data enrichment, notification, containment and custom actions based on complex, stateful and logical decision making. This accelerates the ability of responders to assess, investigate and hunt for threats. Runbooks also collect and facilitate knowledge transfer between incident response (IR) and SOC teams.

Availability
DFLabs IncMan SOAR version 4.5 with the open integration framework is available immediately from DFLabs and its business partners worldwide.

About DFLabs
DFLabs is an award-winning and recognized global leader in security orchestration, automation and response (SOAR) technology. The company’s management team has helped shape the cyber security industry, which includes co-editing several industry standards such as ISO 27043 and ISO 30121. Its flagship product, IncMan SOAR, has been adopted by Fortune 500 and Global 2000 organizations worldwide. DFLabs has operations in Europe, North America, and EMEA. For more information, visit www.dflabs.com or connect with us on Twitter @DFLabs.

Contacts

Marc Gendron PR for DFLabs
Marc Gendron, 781-237-0341
marc@mgpr.net

Release Summary

New DFLabs open integration framework enables fine grained customization of SOAR actions between IncMan and security tools with no complex coding.

Contacts

Marc Gendron PR for DFLabs
Marc Gendron, 781-237-0341
marc@mgpr.net