3 min
Automation and Orchestration
Will Investing in Security Orchestration Make Your SIEM Obsolete?
As more companies continue to adopt security orchestration, many are now
wondering if their security information and event management (SIEM)
[https://www.rapid7.com/fundamentals/siem/] systems will soon become obsolete.
Security teams use SIEMs to manage and correlate alerts from detection tools
with other data and logs. While SIEMs help to corral alerts and log data, they
often don’t do much in the way of reducing alerts or investigatory tasks after
an alert comes in.
Security teams have many
4 min
Automation and Orchestration
What is Security Automation?
Security has always been a numbers game. Time to detection and time to response
have been metrics security teams have sought to reduce since the beginning of
time (or at least the beginning of computers…). But what does it take to
actually reduce that number?
If you’re reading this, we’re guessing you’re no stranger to the challenges in
the world of security today. Between the security talent gap
[/2016/08/30/5-reasons-companies-are-losing-security-talent-and-what-to-do/] and
the rapid prolifer
3 min
Automation and Orchestration
3 Steps to Transform Your Security Operations with Security Orchestration
Considering the sheer number of security tools and threats out there today,
security operations [https://www.rapid7.com/solutions/secops/] can quickly get
overwhelming if you don’t have a way to manage the complexities in a systematic
fashion. Much of this management between tools and processes is done manually by
people today, but this way isn’t exactly sustainable in the long term for
security teams — especially coupled with an increasing volume of alerts, events,
and security incidents.
Tha
1 min
Automation and Orchestration
A Guide on Security Automation Best Practices
Ask three different security teams what is holding them back from faster
time-to-response and chances are you’ll get three different answers:
1. Manual, time-intensive processes
2. Lack of integrated tools
3. Lack of development resources
All of these problems exist across both big and small companies in any industry,
from healthcare to finance to e-commerce. But in a digital world where attacks
are both prevalent and pervasive, defenders always need to be a step (if not
two) ahead.
This i
3 min
Automation and Orchestration
What is Security Orchestration?
The best security operation centers (SOCs)
[https://www.rapid7.com/fundamentals/security-operations-center/] are built on
efficiency and speed-to-response. But if you’ve ever worked in a SOC or on a
security team, you know it’s tough to get your security systems, tools and teams
to integrate in a way that streamlines detection, response, and remediation.
One of the most tedious tasks of all is cobbling together alert details to
assess if a security event is a real threat, along with correlating