BOSTON & MILAN--(BUSINESS WIRE)--DFLabs, the award-winning Security Orchestration, Automation and Response (SOAR) vendor, today announced a new version of the IncMan SOAR platform that provides an open integration framework for customizing and adding new automated integrations between security tools and IncMan SOAR, without the need for complex coding. This capability enables security teams to easily add and orchestrate new functions between IncMan SOAR and third party products in order to address unique requirements and workflows.
Organizations can now easily extend the existing IncMan SOAR product integrations with new functions they require. For example, an enterprise using a vulnerability assessment tool may want to exclude a legacy application from being scanned due to concerns it may cause unexpected failures. A specific action, which would prevent custom scans of the application from automatically being initiated through an IncMan Runbook, can be added in just minutes.
For complete flexibility, IncMan SOAR defines all integrations at the action level, not as one monolithic file. This allows users to easily add actions to existing integrations without the need to modify existing code and enables portability and sharing at the action level. To provide additional security and eliminate the risk of conflicting libraries, execution of each integration occurs within a unique Docker container that is easy to configure.
“Every IT environment is unique and has different requirements when it comes to automation of security actions,” said Michele Zambelli, CTO of DFLabs. “The IncMan SOAR open integration framework replaces the proprietary vendor orchestration model between security tools with a new open approach that puts enterprises and MSSPs in complete control of which actions they want, and don’t want, to automate for incident response.”
DFLabs’ new open integration framework is part of DFLabs’ commitment to delivering a more open, community oriented solution to automation and orchestration. Over the next several months, DFLabs will be introducing several new innovations to further its goals for increasing user, MSSP, partner and community involvement.
Additional Enhancements
In addition to the open integration
framework, the new version if IncMan SOAR includes an enhanced REST API
that allow users to extend and integrate security automation and
orchestration with other processes in new and exciting ways. DFLabs will
continue to add new functionality to this REST API, to provide broader
extensibility for customers and integration partners.
To enable granular control over which events are forwarded to the START Triage module for enrichment and to validate whether they should be converted directly into a security incident, IncMan SOAR now accept inputs for START Triage from any supported data ingestion methods, including syslog, email and the API.
About DFLabs IncMan SOAR
DFLabs IncMan SOAR is the only platform capable of full security incident lifecycle automation. Its patent pending R3 Rapid Response Runbooks use hundreds of automated actions to provide workflows and execute a variety of data enrichment, notification, containment and custom actions based on complex, stateful and logical decision making. This accelerates the ability of responders to assess, investigate and hunt for threats. Runbooks also collect and facilitate knowledge transfer between incident response (IR) and SOC teams.
Availability
DFLabs IncMan SOAR version 4.5 with the open
integration framework is available immediately from DFLabs and its
business partners worldwide.
About DFLabs
DFLabs is an award-winning and recognized
global leader in security orchestration, automation and response (SOAR)
technology. The company’s management team has helped shape the cyber
security industry, which includes co-editing several industry standards
such as ISO 27043 and ISO 30121. Its flagship product, IncMan SOAR, has
been adopted by Fortune 500 and Global 2000 organizations worldwide.
DFLabs has operations in Europe, North America, and EMEA. For more
information, visit www.dflabs.com
or connect with us on Twitter @DFLabs.
