SprwLabs
Managing Incident Severity in a SOC: Leveraging SOAR for Automation In a Security Operations Center (SOC), managing incident severity is critical for ensuring the security of an organization’s digital infrastructure. Incident severity directly impacts the prioritization of resources, team actions, and response times. As threats evolve in...
Read MoreWhile our favorite holiday is Halloween, this article sadly has nothing to do with the Headless Horsemen. Instead we will focus on how we stop security teams from being scared and overwhelmed. Security teams are constantly challenged to do more with less. When a security team acquires a SOAR, they do not always have a staffing plan associated...
Read MoreYou've taken away administrative privileges on employees desktops but users still maintain various unwanted programs. You can easily pull a list of these programs however how do you go about removing them? In this case we'll look at how you automate software removal. For the purpose of this article we will focus on Crowdstrike however most...
Read MoreSecurity Automation Orchestration and Response (SOAR) has a unique set of analyst requirements such as software development, general security security tooling knowledge and API experience. These requirements are difficult to find and staff. Simply put, they're the reason we exist. However, many organizations prefer to build the team out...
Read MoreCongratulations! You've just taken a big step forward and are now the proud owner of a SOAR. This blog post will help you evaluate, design, and scope your SOAR project to ensure that you have the right team and resources in place to make it successful. While this post won't cover the specifics of how to design a successful SOAR, it'll provide a...
Read MoreUtopia. That's where every SOAR conversation starts. Sadly, that's not day 1 of a SOAR deployment. Security operations is compromised of a plethora of tools and processes. Building a security automation requires understanding of how your security operations center functions. There are no fully built out playbooks. When we start out creating...
Read MoreGartner has spent the last 5 years touting the benefits of automation and they’re right! Automation has the potential to revolutionize how a security organization operates. They have however completely disregarded how to consume automation. Bringing automation into an organization doesn’t start with a tool, technology, or person. It starts with a...
Read More