Swimlane 10.0: Reducing mean time to detect and respond for security incidents

Swimlane, an independent leader in security orchestration, automation and response (SOAR), announced the release of Swimlane version 10.0.

Swimlane 10.0

The newest release has yielded up to a 35X performance improvement in alarm ingestion rates and up to a 60X improvement in search query response and display rates. Both achievements set new benchmarks for SOAR platforms, significantly reducing mean time to detect (MTTD) and mean time to respond (MTTR) for security incidents.

“Today’s Security Operations Centers (SOC) are understaffed, overworked and still need to figure out how to investigate thousands of alerts every day,” said Swimlane Co-Founder and CEO, Cody Cornell.

“Swimlane enables SOC teams to integrate, scale and optimize security operations management across complex, hybrid-cloud environments, and our market independent approach to unifying security defense with SOAR empowers security teams to make informed, real-time decisions for any SecOps, DevOps or cloud security use case.”

With the release of version 10.0, Swimlane has:

  • Achieved new performance and scalability benchmarks for alert ingestion, queries, lookups, and alert deduplication.
  • Improved case, alert, event and indicator correlation and simplified the user experience for searching records across applications, easing the burden on overworked analysts.
  • Enhanced co-editing and collaboration functionality, enabling expanded case management, investigation, and proactive threat hunting activities.
  • Improved inline testing of third-party plug-ins with an embedded interface to test, edit and retry plug-ins right from Swimlane, not in an external IDE.
  • Improved the high availability architecture, supporting Kubernetes and Docker running on RHEL and CentOS and built for enterprise scale, with: disaster recovery and automatic failover capabilities (standard); an easy migration path to Python 3 with backward compatibility with 2.x; and easier setup and configuration for single-server and multi-tenant environments, including air-gapped deployments for critical infrastructure, financial services, government, intelligence and other environments that require air-gapped, cloud-scale on-premise capabilities.
  • Streamlined UI/UX navigation with: elevated records search and user interaction functions to make filtering, dashboarding, and reporting a breeze for SOC analysts; simplified and enhanced case management by adding more intuitive viewing and comment threading for cases, alerts, and events.

“I’m so proud of the work our team did to get this version launched in time for the New Year,” said Swimlane Senior Vice President of Product and Technology, Chris Stimmel.

“Many from my team have worked in SOCs and understand their pain points on a very personal level. They take to heart Swimlane’s dedication to constantly level-up our SOAR technology to improve the lives and performance of SecOps professionals across the industry.”
