Demisto SAO, Securonix SIEM Partner for Automated Incident Management
Demisto, a security automation and orchestration (SAO) technology provider, has partnered with security intelligence platform company Securonix to deliver an automated incident management product integration.
The integration blends Demisto’s Security Operations Platform with the Securonix security information and event management (SIEM) and threat detection solution, according to a prepared statement. Together, these offerings enable Demisto and Securonix to provide a combined solution that delivers cyber threat investigation data with user context, activity timelines and violations.
With the integration, security operations center (SOC) teams can improve their mean-time-to-detect (MTTD) and mean-time-to-response (MTTR), Demisto stated. The integration uses machine learning algorithms to detect threats and alert SOC teams, Demisto said, and enables these teams to automate tasks to accelerate threat remediation.
Furthermore, the integration allows SOC teams to bolster their threat detection and prioritization by adding context and response orchestration to their security capabilities, Demisto founder Rishi Bhargava indicated. It also helps SOC teams reduce the time between threat detection and response, Bhargava noted, and improve all aspects of their security management chain.
Demisto Launches Integrations with Wipro, Guidance Software
In addition to the Securonix integration, Demisto in April partnered with IT and business process services company Wipro to deliver integrated and automated incident response as a managed security service.
The managed security service blends Wipro’s Cyber Threat Management Platform with Demisto’s incident response solution, according to a prepared statement. It provides SOC teams with security orchestration, incident management and interactive investigation capabilities, Demisto said, and helps these teams identify and address cyber threats faster than ever before.
Also, Demisto in March launched an integration in conjunction with Guidance Software, which provides applications for endpoint data security and digital investigations. The integration is designed to help SOC teams orchestrate incident response across multiple security products and provide forensic-grade threat remediation, Demisto said in a prepared statement.
Demisto offers integrations with more than 140 security partners, the company indicated. With these integrations, Demisto enables customers to build playbooks, i.e. automation tasks or best practice steps, for different security operations.