Security Automation

We drive security automation through our proprietary AIOps platform, ZIF™. ZIF automates triage and incident management and streamlines SecOps workflows.

Key Features 

  • Security Information & Event Management (SIEM)
    • Additional context mining through integration with tools like Endpoint Detection and Response (EDR), integration for first-level incident response
  • Access Management
    • Onboarding, Password management, Termination workflows
  • Virus Management
    • Triggering manual removal of infected files, and closing alert if successful
  • User Accounts
    • User account lock to contain malware/ransomware based on Indicator of Compromise (IoC) detection
  • Phishing Email Investigation
    • Automated investigation of phishing email, integration with ITSM tool, deleting suspicious emails for all recipients in the secure email gateway, blocking email header domains in OpenDNS/Firewall, sending email copy to email threat engine for automatic block, notifying key security personnel if a source exceeds a threshold
  • Vulnerability/Deep Security Scans
    • Automated scans on suspicious assets when certain IoCs are intercepted in other security tools
  • Automated Confirmation Workflows
    • User confirmation, with justification, when a behavior is noticed, to ensure that it was not a malware bot performing that particular action. If the user confirms that the action was not theirs, the security analyst on shift is notified
