DFLabs has released a new version of its IncMan security orchestration, automation and response (SOAR) platform for MSSPs.
The new release, IncMan SOAR 4.5, provides an open integration framework for customizing and adding automated security integrations, according to a prepared statement. It allows security teams to add and orchestrate functions between IncMan SOAR and third-party products to address security requirements and workflows.
Also, IncMan SOAR 4.5 executes each security integration within a Docker container, DFLabs said. This ensures that security teams can add automated integrations without any coding.
Introducing the IncMan SOAR REST API
In addition to the open integration framework, IncMan SOAR now features a REST application programming interface (API) that allow end users to extend and integrate security automation and orchestration with various security processes.
The IncMan SOAR REST API provides security teams with granular control over security events, DFLabs stated. It supports data ingestion via email and other methods and validates whether security events should be converted into security incidents.
IncMan SOAR 4.5 is now available, and DFLabs intends to launch new platform upgrades in the next few months.
What Is IncMan SOAR?
IncMan SOAR enables MSSPs to assess, investigate and hunt for cyber threats. It is built on the DFLabs R3 Rapid Response Runbook engine and allows end users to orchestrate and automate a variety of incident response activities, including:
- Data and context enrichment.
- Incident triage.
- Stakeholder notification.
- Threat containment.
MSSPs can use IncMan SOAR to deliver security monitoring and incident response services. They also can leverage IncMan SOAR's pay-as-you grow licensing model to deliver premium and advanced security services and manage more incidents for more customers at a lower overall cost, DFLabs indicated.
DFLabs and the SOAR Market: Here's What MSSPs Need to Know
Founded in 2004, DFLabs allows MSSPs to harness machine learning and automation to orchestrate security operations and incident response. DFLabs helps MSSPs orchestrate the security incident and investigation lifecycle and could capitalize on the rising demand for SOAR tools in the years to come.
Less than 1 percent of security teams larger than five people leveraged SOAR tools for orchestration and automation reasons last year, according to Gartner. Meanwhile, Gartner has projected this figure will rise to 5 percent by 2020.