DFLabs, the award-winning Security Orchestration, Automation and Response (SOAR) vendor, announced a series of upcoming enhancements to its IncMan SOAR platform to provide security operations (SecOps) programs with an exquisite user experience, combined with more robust capabilities to better detect, respond to and resolve security incidents.
This new enhanced version of DFLabs IncMan SOAR will address the pervasive problem of duplicate alerts and false positives, which has a significant impact on the efficiency and effectiveness of organizations’ SecOps programs today.
DFLabs is extending its patented Automated Responder Knowledge (ARK) machine learning solution to include alert deduplication and incident aggregation. This extension of ARK will significantly reduce the time lost to duplicate events and false positives while maintaining the high level of customizability and inclusion of user feedback already present in ARK today.
IncMan’s new user interface and user experience (UI/UX) is being designed from the ground up to make the most effective use of analysts’ time, and to provide all users with the most intuitive experience possible, with the goal of increasing analyst efficiency during day-to-day operations.
With a focus on providing users with clear, actionable information and enabling a collaborative environment, IncMan’s new UI/UX will be optimized for speed and customization so that it can be tailored to each customer’s SecOps program, including complex Managed Security Service Provider (MSSP) environments supporting a wide variety of individual use cases.
“SOAR is ultimately about bringing increased efficiency and effectiveness to SecOps programs for enterprises and MSSPs, and we have spent the last year gaining invaluable feedback from our existing and prospective clients,” said Michele Zambelli, CTO, DFLabs.
“Evaluating how IncMan is currently being used and implemented in real-world situations with different use cases has been critical for us and will determine how the platform continues to evolve to meet these ever-changing security needs.”
In addition to the UI/UX enhancements, DFLabs recognizes that business-critical security applications must be robust enough to power SecOps teams through a variety of network and systems challenges.
Clustering, high availability (HA), disaster recovery (DR), and horizontal scalability are all critical components of a solution which will act as the focal point of an organization’s SecOps program.
To address these needs, DFLabs will be releasing several new features providing customers with a wide variety of horizontal and vertical scalability and disaster recovery capabilities, removing the need for this functionality to be provided by third-party applications.