Defensys SOAR 4.7: New advanced features for the incident management

Defensys has released a new version of the Defensys Security Orchestration Automation and Response Platform (SOAR), a platform that is designed to automate monitoring and responding to cybersecurity incidents.

The Defensys SOAR 4.7 platform allows incidents to be combined into groups. You can work with a chain of related or the same types of incidents. One parent incident is selected for the group, the others are considered as child incidents. By grouping them, the user can examine and analyze cybersecurity events all together, if they have a common cause. Besides working with groups of incidents from the user interface, it is now available for the users to use in playbooks and through the public API of the system.

Playbooks were also updated. In version 4.7, the incident card has a playbook launch timeline with the ability to control its display: the user can navigate to the selected playbook, as well as collapse the playbook diagram into a compact block. The start button for a particular playbook can now be placed in the incident card itself.

Defensys customer support will notify current users when updates are available for migration. If you would like to receive an update for pre-testing and to familiarize yourself with the functionality, send us an email to support@defensys.com