27/06/2024
Defensys has released the fifth version of its SOAR platform, a core solution for building Security Operations Centers (SOCs) of different scales. SOAR v5.0 brings many new features. In particular, the incident card now has a native section for working with IoCs that come from security alerts and Threat Intelligence platforms. The user experience of working with playbooks has also been updated significantly, and the overall interface of the system has received serious enhancements.
Important changes are ready to be used in the core functional block of incident management. Version 5.0 of Defensys SOAR lets you work with groups of incidents, which helps users conveniently handle cases where several incidents are related to each other. You can easily customize policies for auto-filling field values inside such a group of incidents. For example, the parent incident's status can be inherited by the included incidents, or the total amount of damage can be placed automatically into a dedicated field in the parent incident. Another important feature is the part of the incident card specially tailored for working with IoCs in the most convenient way, and all the results of working with IoCs are distributed across a variety of dashboards.
A new user experience for working with a launched playbook on a timeline inside the incident card makes the response process even more effective than before. Furthermore, users can now design buttons for launching different playbooks from a special field in a card. This way, for example, you can prepare “wizard”-like interactive cards that guide Tier 1 SOC analysts through the response procedure at their stage of the investigation. You can also customize mandatory fields for switching the incident status, and much more in this update.
We continue improving and expanding the API methods for interacting with the system. At the moment, the existing API helps us and our partners seamlessly embed Defensys SOAR in IT infrastructures of different scales and complexities.
«As a result of long, hard work, this release received a large number of new features, both big and tiny. This is the most large-scale update in several years.
New features will help to be more agile when orchestrating cyber security and to conveniently handle incidents as they appear more and more daily. Besides the functional features, since this version we have started a smooth implementation of a new design in SOAR. In the next updates you will see a brand new SOAR with all the functional blocks placed to meet ever-changing demands for convenience and effectiveness from our Enterprise-scale customers», – says Daniel Borodavkin, SOAR product manager of Defensys.