Defensys has announced version 3.24 of the Defensys TIP. The new functions are aimed at automating the handling of indicators of compromise (IoCs) and increasing the effectiveness of threat analysis.

One of the key changes is the expansion of IoC export capabilities to security tools. The developer has added the option to create IoC export rules for the IP-address type in OpenIOC format for further transfer to target systems. These improvements expand IoC export capabilities and make information security processes more effective.

The updated Defensys TIP 3.24 modifies the IoC search within the data flow coming from SIEM systems:

  • Information about IoC detection events can now be sent back to SIEM systems in CEF format;

  • A filter for events from Apache Kafka has been added. The feature enables searching for events within the flow according to the defined fields.

Cybersecurity News

Defensys has introduced a new version of the Defensys SOAR. The team of experts has improved the user interface so that SOC analysts can solve their daily tasks more productively. To promote communication among CS specialists, version 5.3 has modernized email handling. Moreover, a function for calculating the impact of incidents on business processes has been added to the Defensys SOAR. It increases the transparency of SOC work for assessing the state of cyber security in organizations. The new function will accelerate decision-making on response prioritization, as well as managerial decisions on building the information protection system.

The key update in the user interface is the improved editing mode in incident cards. Now, depending on the task, SOC analysts can choose either point field editing to make quick corrections or edit mode if multiple changes are required.

Additionally, the version has multiple interface changes that make it more intuitive and make the displayed information more readable:

  • The “Incidents” section has been redesigned and an action panel has been added;

  • The display of incident severity level has been redesigned;

  • A setting that allows users to switch to a compact view while working with the incident list has been added.


To improve the process of working with incoming cybersecurity events, Defensys has expanded the functionality of the Defensys SIEM. Release 1.3 has a range of updates: the developer has increased the number of functions for event collection and handling, implemented new tools for content processing and search, and added a report builder and new integrations with external systems. These changes will lead to better security of IT infrastructure and improve the efficiency of CS specialists.

Defensys continues developing technologies for data protection and prevention of cyberattacks. Defensys’ specialists have included new features in the event processing pipeline, and the updates allow SOC analysts to manage data collection and processing in the system’s interface. The Defensys team has added new elements to the already available input and output points, buses and event normalizer; among them are an aggregator, a router and a filter. This allows users to customize event handling to the fullest, which is especially important for a large infrastructure of sources and systems.
