Demisto and Securonix Announce Integration Partnership to Automate Incident Management -- Technical Alliance Combines Security Automation and Orchestration with Cyber Security Analytics and Threat Detection
CUPERTINO, Calif. and ADDISON, Texas -- Oct. 26, 2017 -- Demisto, an innovator in Security Automation and Orchestration technology, and Securonix, the market leader in big data security and behavior analytics, today announced an integration partnership. Together, the two companies enable security operations center (SOC) analysts to dramatically improve their mean time to detect (MTTD) and mean time to response (MTTR), and more efficiently respond to cyber threats.
Security teams struggle with overwhelming numbers of alerts that need to be triaged, analyzed and remediated manually. To alleviate “alert fatigue” issues, security solutions need to improve detection rates, reduce false positives, and automate the response actions, while enhancing and retaining the appropriate context of the alert.
This bi-directional product integration solves these challenges and more. Demisto’s Security Operations Platform paired with Securonix’s SIEM and threat detection solution enriches investigation data with rich user context, activity timelines and violations. The combined solution enables security analysts and SOC managers to shorten the decision-making process by automating key tasks with included analyst reviews.
"Demisto integrates with Securonix to ingest high severity alerts and trigger automatic playbooks and workflows across different security products," said Rishi Bhargava, co-founder of Demisto. "Such integration reduces the time between detection and response. Together, Demisto and Securonix enable SOC teams to improve all aspects of their security management chain -- including improving detection and prioritization by adding relevant context and speedy response orchestration."
Securonix’s SNYPR next-generation SIEM platform leverages a Hadoop big data infrastructure stack coupled with data science to detect and prioritize advanced cyber-attacks in real time. SOC teams are alerted to a highly accurate and manageable number of critical threats using supervised and unsupervised machine learning algorithms.
"Finding the critical cyber-attacks against your organization is only the first step," said Nitin Agale, SVP of Product at Securonix. "Quickly taking the necessary data gathering and threat mitigation steps is equally important to prevent massive data breaches. By automating the routine security response actions, security teams can shrink the incident response times, and address a much larger number of threats, thereby reducing overall risk."
Demisto Enterprise integrates with more than 140 security products and enables customers to build playbooks for different security operations. These playbooks can include automation tasks or best practice steps to be followed in case of a security incident. Demisto’s playbooks help reduce MTTR (Mean Time to Response) for security incidents. In addition, the case management and machine learning capabilities help security teams save resources and time while enforcing rigor and process to incident response.
Securonix radically transforms enterprise security with actionable intelligence. Its purpose-built security analytics platforms mine, enrich, analyze, score and visualize data into actionable intelligence on the highest risk threats to organizations. Using signature-less anomaly detection techniques, Securonix detects data security, insider threat and fraud attacks automatically and accurately.
Demisto Enterprise is the first and only comprehensive Security Operations Platform to combine security orchestration, incident management, machine learning from analyst activities, and interactive investigation. Demisto’s orchestration engine automates security product tasks and weaves in the human analyst tasks and workflows. Demisto enables security teams to reduce mean time to response (MTTR), create a consistent incident management process, and increase analyst productivity. Demisto is backed by Accel and other prominent investors and has offices in Silicon Valley and Tel Aviv.