Update of Defensys SOAR version 5.3: improved interface and enhanced functionality

Defensys has introduced a new version of the Defensys SOAR. The team of experts has improved the user interface so that SOC analysts can solve their daily tasks more productively. To promote communication among CS specialists, version 5.3 has modernized email handling. Moreover, a function for calculating the impact of incidents on business processes has been added to the Defensys SOAR. It increases the transparency of SOC work for assessing the state of cyber security in organizations. The new function will accelerate decision-making on response prioritization, as well as managerial decisions on building the information protection system.

The key update in the user interface is the improved editing mode in incident cards. Now, depending on the task, SOC analysts can choose either point field editing to make quick corrections or edit mode if multiple changes are required.

Additionally, the version has multiple interface changes that make it more intuitive and the displayed information more readable:

  • The “Incidents” section has been redesigned and an action panel has been added;
  • The display of incident severity level has been redesigned;
  • A setting that allows users to switch to a compact view while working with the incident list has been added;
  • A button for a quick display switch of scenarios running on incidents has been added.

Version 5.3 brings together two in-demand features: the ability to create incidents from emails and to send emails related to incidents directly in the system. This functionality can now be set up and used with the same mailbox. Furthermore, response scripts now include a visual HTML editor for automatic messages. The new features make it easier to customize this functionality and help improve the efficiency of email communication during incident investigations.

One of the most important changes in this version is the ability to calculate and display the impact of CS incidents on organizations’ assets and business processes. This feature operates on the basis of the resource-service model, allowing users to visualize how incidents recorded in the Defensys SOAR affect business processes. The impact is calculated depending on the incident severity level and a customizable equipment linkage graph.

“Cyber security in the world is actively developing. SOCs are able to solve more and more complex tasks with an increasing degree of automation. A modern SOAR should be convenient in details, technologically simple and provide analytical tools for business at the same time. In the Defensys SOAR 5.3 release we have worked on these aspects,” commented Andrey Chechetkin, Deputy CEO at Defensys.