DFLabs has released a new version of its IncMan security orchestration, automation and response (SOAR) platform for MSSPs.The new release, IncMan SOAR 4.5, provides an open integration framework for customizing and adding automated security integrations, according to a prepared statement. It allows security teams to add and orchestrate functions between IncMan SOAR and third-party products to address security requirements and workflows.Also, IncMan SOAR 4.5 executes each security integration within a Docker container, DFLabs said. This ensures that security teams can add automated integrations without any coding.MSSPs can use IncMan SOAR to deliver security monitoring and incident response services. They also can leverage IncMan SOAR's pay-as-you grow licensing model to deliver premium and advanced security services and manage more incidents for more customers at a lower overall cost, DFLabs indicated.
Introducing the IncMan SOAR REST API
In addition to the open integration framework, IncMan SOAR now features a REST application programming interface (API) that allow end users to extend and integrate security automation and orchestration with various security processes.The IncMan SOAR REST API provides security teams with granular control over security events, DFLabs stated. It supports data ingestion via email and other methods and validates whether security events should be converted into security incidents.IncMan SOAR 4.5 is now available, and DFLabs intends to launch new platform upgrades in the next few months.What Is IncMan SOAR?
IncMan SOAR enables MSSPs to assess, investigate and hunt for cyber threats. It is built on the DFLabs R3 Rapid Response Runbook engine and allows end users to orchestrate and automate a variety of incident response activities, including:- Data and context enrichment.
- Incident triage.
- Stakeholder notification.
- Threat containment.
