LogicHub, a security orchestration, automation and response (SOAR) platform provider, has added autonomous detection and response capabilities to its SOAR+ platform.
SOAR+ automates decisions about threat hunting, threat detection, alert triage and incident response, LogicHub stated. It applies machine learning for malicious process detection to help security operations personnel identify cyber threats.
In addition, SOAR+ provides threat detection playbooks based on the MITRE ATT&CK framework, LogicHub said. SOAR+ autonomously maps attacks in real time to the MITRE ATT&CK framework, as well as provides immediate threat indicators and attack technique context.
SOAR+ also applies data science to automatically produce decision trees based on numerous alert factors, according to LogicHub. In doing so, SOAR+ analyzes and classifies incident alerts with 97 percent accuracy.
SOAR+ with autonomous detection and response is now available, and LogicHub will showcase the updated platform at the Black Hat USA 2019 conference in Las Vegas, Nevada.
A Closer Look at SOAR
SOAR solutions use artificial intelligence to help IT teams identify anomalous network behaviors and respond to cyber threats. As such, SOAR solutions are becoming increasingly important to global organizations looking to quickly identify and address cyberattacks.
Meanwhile, several SOAR platform providers recently have secured funding that could help these companies accelerate the SOAR market's growth.
Swimlane in May raised $23 million in a Series B funding round led by energy investment and innovation firm Energy Impact Partners. The company is using the funding to expand its global alliances and upgrade its SOAR platform's capabilities.