Secureworks’ Orchestration and Automation solution, unveiled at RSA Conference 2019, uses a combination of security operations expertise, security orchestration technology, managed services, and incident response experience to automate a series of client-specific workflows and contextualise incidents based on a unified view of the organisation’s full environment. A broad set of integrations enables customers to get the most out of their existing security technology investments by adding better context to enrich incident data and automate response activities. Secureworks’ deep threat intelligence provides insight into the nature of an incident, making it easier for users to decide on a prudent course of action.
“Security leaders are recognising that the speed and scale of digital business means that it’s not sustainable to rely on manual investigations and response processes,” says Wendy Thomas, Senior Vice President of Business and Product Strategy at Secureworks. “Secureworks’ Orchestration and Automation solution allows customers to respond faster to threats and be more confident that the actions taken are the right ones for their organisation and environment.”
Unlike many off-the-shelf SOAR (security orchestration and automated response) products, Secureworks’ unique “do it with you” approach ensures that customer-specific playbooks and automated responses are aligned with the best practices gleaned from more than 1,000 incident response engagements each year. Leveraging this expertise in an up-front consultation helps users overcome their fear of automating the wrong actions and ensures alignment with the customer’s goals from the start.
Users of Secureworks’ Orchestration and Automation solution can confidently accelerate their response to threats by taking automated response actions in their client portal or mobile interface, and for additional peace of mind they can escalate an incident to Secureworks’ industry-leading incident response team for further consultation.
“By leveraging Secureworks’ deep security operations expertise as part of both the onboarding process and the ongoing advisory services, customers can be certain that they are automating the right responses in the context of both their environment and the threat,” says Thomas.