Siemplify revealed new machine learning capabilities in its security operations platform. With this new version, security operations teams can expedite day-to-day workflow activities such as assigning cases based on analyst experience and identifying prior threats that can shed light on how to address new ones.
The Siemplify platform acts as a workbench for SOC teams by unifying security tools and processes across an organization’s entire environment. With this single pane of glass, security operations teams have a hub for managing technologies, investigating and triaging alerts, building and running consistent incident response playbooks and collaborating across the SOC.
Earlier this year, Cisco’s 2018 Annual Cybersecurity Report found that 34% of CISOs use machine learning to detect anomalies and notify their teams of potential vulnerabilities. With this detection capability comes the need for machine learning capabilities that help security operations teams keep pace and streamline security operations practices to address identified threats.
“Machine learning is often over-hyped, but our ability to apply this technology to analyze all previous analyst actions and their outcomes allows us to provide truly valuable, usable recommendations and insights to security operations teams,” said Amos Stern, co-founder and CEO, Siemplify.
“Security teams can now make better decisions that speed up the investigation and remediation of threats.”
Release features include:
- Machine learning for threat investigation – Assign cases to analysts based on previous case assignments and leverage prior threats to inform current investigations.
- Playbook editing features – Playbook customization and editing capabilities within the platform’s drag-and-drop playbook builder.
- Entity types for threat mapping – Identify and investigate entities and relationships to build a threat storyline, including credit cards, phone numbers, and threat actors.
- New dashboard widgets and functionality – Analysts and SOC managers can now get a view of SOC performance with additional SOC KPI widgets for visibility and continuous improvement.
Built by security operations experts, the Siemplify platform delivers an automation and orchestration engine that is customizable for engineers and a SOC workbench that analysts love. As a result, security operations teams using Siemplify are able to eliminate alert fatigue, triple analyst productivity and reduce mean time to respond by 70%.