Blokworx, WitFoo Extend SIEM, SOAR to MSP Security Partners
Blokworx, a Top 250 MSSP and master MSSP, has integrated the WitFoo Precinct security operations platform into its offerings, according to a prepared statement.
Precinct enables Blokworx partners to deploy security offerings that shorten response times and automate correlation of threat data, Blokworx President Robert Boles said. It also allows Blokworx partners to deliver security information and event management (SIEM) and security orchestration, automation and response (SOAR).
What Is Precinct?
Precinct is a diagnostic security operations platform that combines SIEM, SOAR and incident response capabilities to deliver cyber threat data and insights, WitFoo said. The platform’s features include:
- Incident Response: Uses crowdsourced threat intelligence to provide analysis of active cyberattacks
- Security Management: Provides metrics to evaluate the performance of security management tools and personnel
- Information Sharing: Allows organizations to share threat intelligence with one another
Precinct can be used in conjunction with tools and technologies from VMware Carbon Black, CrowdStrike and other cybersecurity vendors, WitFoo indicated. MSSPs and other channel partners also can integrate Precinct into their portfolios via WitFoo’s partner program.
What Does the Precinct Integration Mean for Blokworx?
The Precinct integration enhances Blokworx’s managed security services portfolio. As such, the integration could help Blokworx foster new partnerships with MSPs.
Blokworx provides the following managed security services:
- Secure Network Perimeter Response: Consists of next-generation firewall and security operations center (SOC) services
- Managed Advanced Endpoint Defense: Provides deep learning technologies for endpoint protection
- Secure Cloud Unified Defense: Scans for cyber threats across Microsoft Office 365, SharePoint and other cloud email and collaboration applications
In addition, Blokworx provides the Conflux Next-Generation Security Appliance threat detection and response platform. Conflux offers edge-to-endpoint threat detection and response and does not require any on-premise appliances or toolsets, the company said.