Flashpoint released Flashpoint Automate, a low-code security automation platform that enables cyber threat intelligence (CTI), security operation center (SOC), fraud, vulnerability management, and physical security teams to build, implement, and accelerate automated incident response workflows around repetitive security-related tasks.
Using Automate, security practitioners can easily build and customize workflows from drag-and-drop actions to automatically identify and contextualize threats, which ultimately help teams prioritize and remediate threats to the enterprise.
Automate integrates with a continuously expanding third-party software suite, including the Flashpoint Intelligence Platform, enabling security teams to automate and advance workflows already embedded into their own internal investigative and response processes.
“Time and resources are the ultimate capital when investigating a complex and potentially damaging security event. As practitioners, we understand this tension well,” said Rob D’Aveta, Executive Director of Automation at Flashpoint. “We built Flashpoint Automate to give time back to our customers and also enable them to give time back to themselves. Its drag-and-drop workflow builder helps security teams automate repetitive, manual tasks at scale, allowing them to focus on more complex, rewarding work.”
Flashpoint Automate: Key features and benefits
Reducing analyst fatigue with pre-built enrichment workflows. On a day-to-day basis, analysts can become bogged down with research and response tasks that could be easily accomplished through automation, including manual research of multiple sources of data, such as IPs, domains, file hashes, and CVEs.
Increasing efficiencies for security teams. Flashpoint Automate features pre-built reference use cases that are designed to help teams get started quickly with common automated workflows. Or, security teams can build workflows to suit their own internal processes.
Repurpose resources to higher priority or complex investigations. When repeatable day-to-day processes are automated, organizations will be able to release more resources towards high-priority incidents and proactive risk remediation.
Vital context via integration. Flashpoint Automate works in concert with the Flashpoint Intelligence Platform and a continuously growing suite of third-party integrations, enabling security teams to both understand the threats affecting their organizations, prioritize them, and take action to defend their assets against the greater threat landscape. This includes compromised credentials and threat actor monitoring, IOCs, and vulnerabilities.
In November 2020, Flashpoint acquired CRFT, a security automation provider, which laid the foundation for Flashpoint to bring low-code automation to threat intelligence via Automate.
In January of this year, Flashpoint acquired vulnerability intelligence leader Risk Based Security (RBS) to provide vulnerability management, DevSecOps, and vendor risk management teams with critical insights into software vulnerabilities and risk within their own organizations, as well as their vendors.
“Automate puts intelligence to work, helping our clients reduce risk at scale,” said Matt Howell, SVP of Product at Flashpoint. “It marries process and mission and serves as the glue between intelligence and action. I’m excited to see the time and resources teams will be able to save using Automate.”