Security Automation, Orchestration and Response ("SOAR") is a family of technologies that tie together a organization's people, processes and technologies. Effective automation can improve incident response time and capacity, increase the effectiveness of threat hunters, combine and extend the capabilities an organization's security tools, analysts and engineers and reduce human error through automation of processes.
Syncurity IR-Flow is an innovative security operations platform that combines alert triage and incident handling, security automation and orchestration and reporting and compliance. Based upon open-source technologies, Syncurity integrates with a broad range of security and IT tools and provides a customizable workflow, incorporating tools for human input all designed to adapt to customer operations.
This scheduled lab demonstrates how Syncurity can be used to automate enterprise incident response.