Demisto, an innovator in Security Automation and Orchestration technology, and the Platinum ‘ASTORS’ Award Winner for Best Cyber Security for Incident Management in the 2017 ‘ASTORS’ Homeland Security Awards Program, is now offering it’s Security Operations Platform as a cloud SaaS offering for organizations and Security Operations Center (SOC) analysts.
The SaaS solution enables analysts to dramatically improve Mean Time To Response (MTTR) and more efficiently respond to cyber threats while taking advantage of a flexible hosted deployment and subscription pricing.
Organizations can now leverage the same power of automation, orchestration, collaboration and incident management currently offered in Demisto’s Security Orchestration Platform, but without the need to setup and host the infrastructure.
This deployment model adds flexibility and ease-of-use, as Demisto takes care of the entire setup, ongoing maintenance, backup and recovery of the system.
Customers still leverage complete control of the playbooks and integrations they would like to setup for their environment.
of Vermont Medical Center
In addition, subscription-based pricing helps organizations benefit from the OpEx saving model, rather than investing upfront in hardware and software.
“With Demisto Enterprise, we were able to see the benefits right away as our onboarding was seamless due to the SaaS deployment model,” said Brendan Chamberlain, information security IR strategist at the University of Vermont Medical Center.
“And compounding our ROI was how quickly Demisto enabled us to create consistent and documented incident response processes.”
“We were then able to automate these processes into playbooks that significantly reduced our time to respond for every incident. It was a double win right out of the gate.”
(Learn More, courtesy of Demisto, Geektime and YouTube)
Scale Incident Investigation, Response and Reporting
Bi-directional Integration with products for Information Enrichment and Response Actions
- Dozens of built in integrations ready to configure with ease
- Bi-directional integrations enable automatic data collection for investigation and response actions
- Build custom integrations in python and javascript with an open and extensible SDK
Triage and Respond Rapidly through Automated Playbooks
- Create new incidents automatically or manually by end user or security team
- Assign automated, playbook-based workflows to incidents for immediate and scalable response
- Create new playbooks or edit out-of-box ones based on security best practices and compliance regulations
Investigate and Collaborate with Security ChatOps
- Collaborate and take notes in context of investigation to expand insights and simplify handoffs
- DBot automatically detects duplicate incidents to reduce redundant work based on data in virtual war-room
- Issue data enrichment ChatOps commands and response tasks to DBot from within virtual war-room
- Delegate to and mentor junior analysts – via collaborative chat room
Journaling and Evidentiary Support
- Capture artifacts from integrated security solutions, notes and comments as evidence
- Correlate, link and track evidence to create a complete kill chain for attack
- Track complete audit trail for journaling and evidentiary support
Report, Assess and Audit via Automated Documentation
- Develop a clear understanding of incident trends and response to make business decisions
- Auto-document and generate report for each incident from the evidence data
- Track playbook tasks completed and SLA for each incident
Demisto Enterprise is architected with features such as multi-tenancy and network engine proxy that enable this mode of easy deployment.
The network engines can be deployed on premise and be the point of interaction with customers’ security tools to maintain a secure HTTPS connection with the Demisto service.
“Organizations are benefitting from the value Demisto’s security automation and orchestration delivers across different and growing security teams, and our cloud offering helps teams scale with ease,” said Dan Sarel, co-founder and VP Products of Demisto.
“Our new SaaS offering provides an even easier adoption model for organizations wanting to start small and expand over time as they don’t have to worry about infrastructure setup or maintenance.”
Demisto Enterprise integrates with more than 140 security products and enables customers to build playbooks for different security operations.
These playbooks can include automation tasks or best practice steps to be followed in case of a security incident.
Demisto’s playbooks reduce MTTR for security incidents.
In addition, the case management and machine learning capabilities help security teams save resources and time while enforcing rigor and process to incident response.
The 2017 ‘ASTORS’ Homeland Security Awards Program
American Security Today’s 2017 ‘ASTORS’ Homeland Awards Presentation Luncheon at ISC East was an overwhelming success, with distinguished guests from National, State and Local Governments, and Industry Leading Corporate Executives from companies allied to Government.
Over 100 professionals gathered from across North America and the Middle East to be honored from disciplines across the Security Industry in their respective fields which included:
- The Department of Homeland Security
- The Department of Justice
- The Security Exchange Commission
- State and Municipal Law Enforcement Agencies, and
- Leaders in Private Security
Recognized for their Innovative Training and Education Programs, Outstanding Product Development Achievements and Exciting New Technologies to address the growing Homeland Security Threats our Nation is facing.
American Security Today was formed after careful reflection of 9/11 and its aftermath when the Department of Homeland Security was established and there was an immediate explosion of new products and solutions for what was perceived as an imminent second attack on primary targets in the United States.
As time moved forward from 9/11 itself and in recent years, the threats to our nation have evolved from a large scale 9/11 type attack to:
- Domestic and International Terrorist Attacks carried out by ‘lone wolves’ and coordinated individuals
- Cybersecurity breach attacks against our government agencies, financial institutions and critical infrastructure facilities
- Unprecedented urban violence
- Cultural shifts and societal media bias, which make it increasingly difficult to secure our nation in this constantly evolving threat environment.
These current circumstances have put forward another rapid expansion of new ideas, products and solutions to combat these ever changing challenges.
These changes have called for a new generation of security experts in the Homeland Security and Public Safety fields who need real time knowledge of our ever growing threats.
These experts include the Government at the Federal, State and Local levels as well as from Private Firms specializing in Physical Security, Port Security, Law Enforcement, First Responders, Military and Private Security responsible for implementing coordinated security measures to ensure our Nation’s Security and improve Public Safety.
Together, each of these entities work together seamlessly on the front lines of protecting our communities, to ‘Keep our Nation Secure, One City at a Time.’
AST focuses on Homeland Security and Public Safety Breaking News, the Newest Initiatives and Hottest Technologies in Physical & IT Security, essential to meeting today’s growing security challenges.
To highlight the tremendous accomplishments of agencies and firms receiving this prestigious award, be on the the lookout for American Security Today’s Annual December ‘ASTORS’ Champions Edition – ‘Year in Review.’
The Cloud SaaS offering for Demisto Enterprise is available today through Demisto’s channel partners.
To have a Demisto partner contact you, please request a demo at https://go.demisto.com/schedule-a-demo.
