- MITRE ATT&CK ,
- SOAR
- MITRE ATT&CK ,
- SOAR
MITRE ATT&CK Technique-Driven Automation with Smart SOAR
MITRE ATT&CK is invaluable for SOC teams in understanding adversary behaviors and actions across a range of networks. This robust framework offers granular insight into various attack tactics, techniques, procedures, and threat groups, thereby enabling cybersecurity teams to bolster their defens...
MITRE D3FEND Framework Spreadsheet
Download the Complete MITRE D3FEND Matrix D3FEND is a complementary framework to MITRE ATT&CK, focusing on defensive countermeasures to mitigate cybersecurity threats. It outlines a structured taxonomy of defensive techniques that security professionals can use to defend against or counteract th...
- MITRE ATT&CK ,
- SOAR
What Are MITRE ATT&CK and MITRE D3FEND?
Ever wish you had a crystal ball for cyber threats? Meet MITRE ATT&CK and MITRE D3FEND, your digital fortune-tellers. In a fast-moving threat landscape, staying ahead of your adversaries is crucial. MITRE ATT&CK unveils adversary tactics, giving you the upper hand in fortifying your organiza...
- MITRE ATT&CK ,
- SOAR
Implementing MITRE D3FEND for ATT&CK Technique T1110: Brute Force
When account credentials are unknown, attackers may use a brute force attack in order to gain access. This can occur as an early stage of their attack, to gain initial access, or to enhance their privileges after access has already been obtained. MITRE’s D3FEND matrix outlines how to address this te...
- MITRE ATT&CK ,
- SOAR
Implementing MITRE D3FEND for ATT&CK Technique T1059: Command and Scripting Interpreter
Command and Scripting Interpreter attacks were the second most common technique seen in MITRE’s Engenuity’s Sightings Ecosystem report, representing 15.77% of 1.1 million sightings. MITRE’s D3FEND matrix outlines how to address this technique however security teams struggle to consistently implement...
- MITRE ATT&CK ,
- SOAR
Implementing MITRE D3FEND for ATT&CK Technique T1053: Scheduled Task/Job
Scheduled task/job threats, which make up MITRE ATT&CK Technique T1053, can have severe implications for an organization’s security. MITRE also outlines how to address this technique in their D3FEND Matrix. However, until now, security teams haven’t had a consistent way of implementing D3F...
Win More Business With Your Own Managed XDR and MITRE Offering
Join Stephan Tallent, CISSP, CRO at High Wire Networks, and D3’s Pierre Noujeim in this workshop on transforming Managed Security Services with Smart SOAR’s MXDR, and MITRE offerings.
...
- MITRE ATT&CK ,
- SOAR
How to Automate Incident Response to MITRE ATT&CK Technique T1003: OS Credential Dumping
In this blog post, we will outline four incident response playbooks for MITRE ATT&CK Technique T1003: OS Credential Dumping. Credential Dumping is a technique that allows adversaries to steal user authentication materials, such as usernames and passwords, often from system memory. The indicators...
- Integration Guide ,
- SOAR
How to Automate Incident Response to MITRE ATT&CK Technique T1566: Phishing
In this post, we will outline three incident response playbooks for MITRE ATT&CK Technique T1566: Phishing. This technique poses a serious risk due to its ability to take advantage of human error. Phishing remains a time-drain on security teams. Smart SOAR can help operationalize your phishing i...
- MITRE ATT&CK ,
- SOAR
Why MITRE Calls SOAR “Indispensable” in its Latest Book
MITRE Corp’s recently published book, 11 Strategies of a World-Class Cybersecurity Operations Center, is a must-read for security operations center (SOC) teams and just about anyone interested in infosec. The book is written for professionals who work in a SOC, but applies to any security operations...
- MITRE ATT&CK
See the Evolution of the MITRE ATT&CK Framework from 2015 to Now
If you are a cybersecurity practitioner, you probably know what ATT&CK is all about. But just for those who aren’t aware, here’s a quick refresher on this revolutionary threat intelligence framework. So what is the MITRE ATT&CK framework? ATT&CK, which stands for Adversarial Tactics, Tec...
MITRE ATT&CK For Dummies
The MITRE ATT&CK Matrix for Enterprise is the world’s largest database of cyber adversary tactics, techniques, and procedures. In fact, it’s so comprehensive that it can be hard to know how to start using it in your security operations. In this book, you’ll discover exactly wha...
- MITRE ATT&CK
10 Reasons to Use MITRE ATT&CK (and how to get started)
We recently released our exclusive Ebook MITRE ATT&CK For Dummies. It’s a definitive resource about why ATT&CK is so valuable and how to use it in your security operations. The topic is of great interest to us at D3 because of how deeply embedded ATT&CK is in our SOAR platform. In this b...
- MITRE ATT&CK ,
- SOAR
MITRE ATT&CK For Dummies
Everyone knows the “For Dummies” series of books. In fact, I’d wager you’ve read several over the years when you needed to learn about a new topic in an accessible but informative way. I know I have. That’s why I’m excited to announce that D3 has teamed up with the folks behind the “Dummies” books [...
Four Ways to Leverage MITRE ATT&CK in Your Security Operations
The MITRE ATT&CK Framework is a comprehensive matrix of adversary behaviors, based on MITRE’s research into thousands of real-world cybersecurity incidents. The potential value of ATT&CK as a resource is widely acknowledged, but many security teams still struggle to operationalize it effecti...
- MITRE ATT&CK ,
- SOAR
Common Obstacles to Leveraging MITRE ATT&CK and How D3 Can Help
It is widely agreed upon in the security world that the MITRE ATT&CK Framework is a valuable tool for security teams to wield in their never-ending fight against sophisticated adversaries. Among other benefits, ATT&CK brings “behavior-based” (as opposed to “signature-based”) detection into t...
Monitor Module Overview: Bringing MITRE ATT&CK into SOAR
Monitor Events, Indicators, and Artifacts in Real Time D3 SOAR’s interface has recently been overhauled to reflect how D3 enables proactive threat hunting, attack analysis, and event triage through MITRE ATT&CK. The Monitor module shows this evolution most clearly, with a home screen that maps e...
- MITRE ATT&CK ,
- SOAR
How MITRE ATT&CK Enhances Gartner’s Value Categories of SOAR Solutions
Toward the end of 2018, Gartner published its Emerging Technology Analysis of SOAR solutions (Ahm, December 7, 2018). In this piece, the author laid out three “value categories” for SOAR that represent the different varieties of value of which all SOAR solutions offer some combination. In the year s...
- MITRE ATT&CK ,
- SOAR
How to Leverage MITRE ATT&CK in Your Security Operations with D3 SOAR
The MITRE ATT&CK matrix has gained widespread recognition in the security industry for its valuable data on adversary groups, and the tactics and techniques they use to target organizations. However, there is a gap between recognizing the value of this data and being able to leverage it for impr...
MITRE ATT&CK Framework Spreadsheet
Download the Complete MITRE ATT&CK Matrix for Enterprise MITRE ATT&CK comprises the 14 tactics and hundreds of techniques used by adversaries across MITRE’s knowledgebase of real-world cybersecurity incidents, creating a highly effective kill chain framework for today’s security ...
- News
D3 Security Creates First Proactive Response Platform Using MITRE ATT&CK Framework
VANCOUVER, British Columbia–D3 Security, an innovator in security orchestration, automation and response (SOAR) technology, has released Attack Investigator, a unique solution that utilizes the MITRE ATT&CK framework to identify and address the entire kill chain of complex attacks. Attack ...
- SOAR
Security Operations Gap Analysis with MITRE ATT&CK
The MITRE ATT&CK framework is rapidly growing in popularity among security leaders for many reasons. Among the numerous applications of ATT&CK, many companies are using ATT&CK to identify gaps in their security and what they have covered with their existing tools. For those who are unfam...
- Incident Response ,
- SOAR
How D3 Uses the MITRE Framework to Enhance Phishing Investigations
To empower organizations in the fight against advance persistent threats and sophisticated adversaries, SOAR platforms must evolve beyond the linear process of ingesting alerts and automating simple response actions. This is why D3 has fully embedded the MITRE ATT&CK framework into its SOAR plat...
SOAR 2.0: Redefining SOAR with the MITRE ATT&CK Framework
Evolving from Event-Based to Intent-Based Response SOAR platforms are broadly effective at the linear process of intaking events and orchestrating response actions. However, they vary widely in their ability to support larger investigations that identify the entire scope of an incident. D3 is the fi...
- SOAR
Level the Playing Field with MITRE ATT&CK—SecurityWeek
A new article by Stan Engelbrecht, Director of D3’s Cyber Security Practice, is currently featured on SecurityWeek. The MITRE ATT&CK framework is rapidly gaining adoption as a valuable way for security teams to categorize, predict, and disrupt adversaries’ actions. That’s why D3 has embedded the...
- SOAR
How D3 Uses the MITRE ATT&CK Framework for Intelligent Correlation (VIDEO)
D3 SOAR is making the transition from event-based response to intelligent, intent-based response. This means that D3 users will be able to see every security event in the context of adversarial intent, by correlating events with other traces of the same attack. This allows security teams to take a m...
- Incident Response ,
- SOAR
Moving from Event-Based to Intent-Based SOAR Using the MITRE ATT&CK Framework
We recently published a whitepaper detailing D3’s vision for the future of SOAR, and how we’re making it a reality. We’re calling it SOAR 2.0, and while that might sound grandiose, we think it reflects how important this step in the evolution of SOAR could be. You can download the whitepaper here to...
![Choosing SOC Tools? Read This First [2024 Guide]-post_thumbnail](https://d3security.com/wp-content/uploads/2024/04/SOC-Tools-2024-Guide-web.jpg)
- Industry
Choosing SOC Tools? Read This First [2024 Guide]
Security operations centers (SOCs) are the front lines in the battle against cyber threats. They use a diverse array of security controls to monitor, detect, and swiftly respond to any cyber menace.These controls are essential for keeping information systems safe around the clock. Modern SOCs in lar...
- MITRE ATT&CK ,
- Reports
D3 Security Releases “In the Wild 2024” Report with Analysis and Incident Response Playbooks for the 10 Most Prevalent Cyber Attack Techniques
Vancouver, BC — April 10, 2024 — D3 Security, the leader in smart security orchestration, automation, and response (SOAR), today published In the Wild 2024, the first in a series of reports that analyzes real-world cybersecurity data and provides incident response workflows for the most prevalent th...
- News ,
- SOAR
D3 Security is a proud participant in the Microsoft Security Copilot Partner Private Preview
VANCOUVER, BC, CANADA — 1/8/2024 — D3 Security today announced its participation in the Microsoft Security Copilot Partner Private Preview. D3 Security was selected based on their proven experience with Microsoft Security technologies, willingness to explore and provide feedback on cutting edge func...
![Chronicle + Smart SOAR [2023 Edition]-post_thumbnail](https://d3security.com/wp-content/uploads/2023/12/d3-smart-soar-google-chronicle-solution-guide-resized.jpg)
Chronicle + Smart SOAR [2023 Edition]
Break down security tool silos with Smart SOAR’s integration with Google Chronicle. This powerful combination enhances cross-platform orchestration, automates alert enrichment, and accelerates remediation processes. D3’s utilization of Chronicle’s comprehensive data, including third-party thre...
Take Action on Threat Intelligence with Smart SOAR
Many organizations subscribe to threat intelligence services but lack a concrete strategy to effectively interpret the intelligence and transform it into actionable response measures. This whitepaper highlights essential use-cases for cyber threat intelligence experts and SOC teams utilizing Smart S...
- SOAR
Unpacking the Financial and Security Implications of Vendor Lock-In
The concept of ‘platformization’ – where leading vendors like Cisco or Palo Alto offer extensive, integrated security platforms – is becoming increasingly common. However, this trend towards platformization also brings to the fore the issue of vendor lock-in. This situation arises when organizations...
- SOAR
What Enterprise Security Teams Expect from Case Management Solutions
A less-talked about challenge in cybersecurity is managing multiple alert queues. While the volume of alerts is acknowledged as an issue, an important step toward simplifying day-to-day life for security analysts is to consolidate alerts into a single queue. This is why security orchestration, autom...
- News ,
- SOAR
What’s New in Smart SOAR (September 2023 Release)
We’re delighted to introduce some sought-after enhancements this month to the Smart SOAR platform. We’ve refined our reporting dashboard, upgraded the widget query builder, and enhanced the Incident Workspace. Additionally, the Monitor Module and Playbook Task Details have been adjusted to cat...
- SIEM ,
- SOAR
XDR vs. SIEM vs. SOAR: A Vendor-Agnostic Perspective
For modern SOC teams, detection and response is a big data problem. Effective cyber defense hinges on collecting, analyzing, and acting on massive troves of security-relevant data. This is where tools like XDR, SIEM, and SOAR find themselves pitted against each other. Each tool, while distinct in it...
- MSSPs ,
- SOAR
8x Faster Response, 99% Alert Noise Reduction: Smart SOAR’s Impact on High Wire Networks’ Cybersecurity Operations
In case you missed it, you can still watch our recent workshop featuring Stephan Tallent, CRO at US-based master MSSP High Wire Networks, and Pierre Noujeim from D3 Security. The thought-provoking workshop, titled ‘Win More Business with Your Own MXDR and MITRE Offering‘, is a must-watch...
- Reports ,
- SOAR
Top 5 Takeaways From Gartner’s 2023 Market Guide for SOAR
As an independent, vendor-agnostic SOAR provider, we‘re thrilled to announce that D3 Security has been recognized for the third consecutive time as a Representative Vendor in the latest Gartner Market Guide for Security Orchestration, Automation and Response Solutions. We’re also thrilled to offer i...
- SOAR
Smart SOAR Gives You the Best Cybersecurity Playbooks
Security operation center (SOC) teams need security orchestration, automation, and response (SOAR) because it provides a simple, efficient, and effective method for response to the growing complexity and volume of cybersecurity threats. SOAR playbooks are where the rubber meets the road; where incid...
- SOAR
Identity-Driven Security Operations with Smart SOAR
Security Operations Center (SOC) teams are increasingly adopting Security Orchestration, Automation, and Response (SOAR) to keep pace with the growing volume and sophistication of threats and to enhance the effectiveness and efficiency of their security operations. Forking away from a deluge of “Dum...
- News ,
- SOAR
What’s New in Smart SOAR (June 2023 Release)
Here’s a quick walkthrough of the latest features and enhancements in the June 2023 release of Smart SOAR. With a complete overhaul of the Reporting & Analytics dashboard, an innovative MSSP Client Portal, significant incident workspace improvements, and much more, this update promises to ...
- SOAR
Sick and Tired of “Dumb SOAR”? Smart SOAR Is the Answer
Frustrated with your current Security Orchestration, Automation, and Response (SOAR) platform? You’re not alone. 70% of our new customers in 2022 signed up with us after experiencing challenges with their previous SOAR solutions. These organizations, just like you, were searching for a more co...
- Incident Response ,
- SOAR
Defending Against Valid Account Threats: A Holistic Workflow with CrowdStrike, Okta, Elastic, and Recorded Future
As organizations seek to bolster their cyber defense strategies, the MITRE ATT&CK framework has emerged as a valuable resource for understanding and categorizing real-world threats. This globally-accessible knowledge base offers a comprehensive and structured approach to enumerating the tactics,...
- SOAR
How Smart SOAR Automates Threat Hunting
Threat hunting is a critical practice for catching sophisticated threats that may bypass the most advanced detection tools in a SOC. It helps organizations stay ahead of potential threats before they transform into significant issues. In threat hunting, analysts aim to identify signs of a potential ...
Recent Reviews of D3 Security on Gartner Peer Insights
D3 Security’s powerful Smart SOAR platform is the top choice for security orchestration, automation, and response (SOAR). Learn why our customers love our product by exploring their reviews from Gartner Peer Insights. Download this collection of reviews to learn: Why we are consistently rated ...
- Integration Guide ,
- SOAR
How to Reduce the Financial Impact of Security Incidents by 90% or More with Smart SOAR
“By 2024, organizations that adopt a cybersecurity mesh architecture to integrate security tools, so that they work together as an ecosystem, will reduce the financial impact of individual security incidents by 90%, on average.” – Gartner In 2017, Equifax, one of the largest credit reporting a...
- News ,
- SOAR
D3 Security Launches Smart SOAR™, Delivering Higher ROI, Faster Response & More Confidence
Vancouver, BC—April 17, 2023—D3 Security, the security orchestration, automation, and response (SOAR) vendor that does what others can’t, today announced the launch of its Smart SOAR™ platform, which expands beyond traditional SOAR with hyperscalable, risk-based autonomous triage and incident remedi...
- Case Studies ,
- SOAR
We Implemented Smart SOAR at a Giant MDR Provider. Here’s What We Learned
One of D3’s biggest recent implementations was our SOAR deployment at a global MDR vendor with thousands of customers worldwide. We even wrote a case study about it, highlighting how this MDR provider needed to upgrade its SOAR platform to keep pace with its growth and advanced technical requirement...
A Comprehensive Guide to Smart SOAR
Many security teams are frustrated with their current SOAR tools and want a smarter solution. They’re switching to Smart SOAR, the world’s most advanced operating system for autonomous triage and cross-platform response. In this guide, we show you how Smart SOAR outperforms conventional SOAR tools i...
- Integration Guide ,
- SOAR
Why Smart SOAR is the Best SOAR for Microsoft Defender for Endpoint
In the fast-paced world of cybersecurity, security teams must continuously adapt to protect their organization’s digital assets. Streamlining and automating incident response processes is essential for effective defense against threats. One way to achieve this is by integrating powerful cybers...
- MSSPs ,
- SOAR
How MSSPs can Serve their First 50 Clients with One SOAR Playbook
What MSSP Customers Say About D3 “D3 is giving a much better possibility for our business to grow, so even though we are rapidly growing, we’ll be able to scale up to a lot more customers without adding more staff.” —Philip Lyngø, Security & Analytics Manager, Trifork Security “It was really on ...
- Integration Guide ,
- SOAR
Respond to Trojan Alerts in Seconds with SentinelOne, VirusTotal, and Microsoft Entra ID
In this post, we’ll be using SentinelOne, VirusTotal, and Microsoft Entra ID to investigate and respond to a potential trojan virus. SentinelOne provides deep enrichment on the endpoint, VirusTotal will tell us if the file has been marked as malicious by the wider community, and Microsoft Entra ID w...
- SOAR
Why D3 Smart SOAR is a Security Trailblazer
In case you haven’t heard the news, D3 Security has been selected as a finalist in the Security Trailblazer category for the 2023 Microsoft Security Excellence Awards presented by the Microsoft Intelligent Security Association (MISA). The Security Trailblazer award recognizes companies that are lead...
- Events ,
- News
D3 Security to Demonstrate its Vision of Smarter SOAR for MSSPs at IT Nation London
Vancouver, BC—March 16, 2023—D3 Security, the leader in smart security orchestration, automation, and response (SOAR), today announced they are a gold sponsor of ConnectWise IT Nation London 2023, held at the Royal Lancaster in London from March 20th-22nd. Executives from D3 Security will be showcas...
- SOAR
Playbook Breakdown: Cross-Stack Analysis with CrowdStrike, Zscaler, and Active Directory
In this post, we explore how CrowdStrike, Zscaler, and Active Directory can be used in one playbook to investigate and respond to a remote file download and launch alert. By combining the three tools (EDR, zero trust, identity management) into a single playbook, users can make the most of intelligen...
- Integration Guide ,
- SOAR
AI-Assisted Kill Chain Investigation with ChatGPT and Smart SOAR
As cyber threats continue to grow in sophistication and frequency, security teams are under immense pressure to detect and respond to incidents quickly and effectively. With the volume of alerts generated every day, analysts can easily become overwhelmed and fatigued. This is where automation and ar...
- Events ,
- News
Experience a Smarter SOAR at IT Nation London 2023
D3 Security is proud to be a gold sponsor of ConnectWise IT Nation London 2023! As the market leader in SOAR for MSSPs and MSPs, we can’t wait to show you the latest MSSP-focused capabilities we’ve added to our SOAR platform. Visit us at Booth #9 at the Royal Lancaster in London anytime from 2...
- SIEM ,
- SOAR
Transform Incident Response with Smart SOAR and Microsoft Sentinel
D3’s Smart SOAR has a deep integration with Microsoft Sentinel. This integration gives security teams the ability to triage, investigate and respond to Sentinel alerts and Sentinel incidents, in the consolidated, automation-powered D3 work space. Events from Microsoft Sentinel and any other products...
- SOAR
Security Automation Explained: A Guide for Beginners
Cyber attacks are becoming more frequent and advanced these days, carried out by criminal groups offering “ransomware-as-a-service” and nation-state-backed threat groups. To highlight this trend, let’s examine the phishing attack vector, which is the most popular attack technique f...
- SOAR
D3’s Roadmap Highlights for 2023: Machine Learning and More
2022 was a momentous year for D3 Security, but we’re always looking to the future. We are committed to being leaders, not followers, in the SOAR industry, and with than in mind we have laid out a plan for 2023 that might be our most ambitious roadmap yet. The next year of D3 Smart SOAR […]...
- SOAR
Buy Smart SOAR Through Microsoft Azure Consumption Commitment (MACC)
As many of you may know, Smart SOAR is available through the Microsoft Azure Marketplace. As 2022 comes to an end, here’s a timely reminder that you can use any remaining balance from your Microsoft Azure Consumption Commitment program to purchase Smart SOAR on the Azure Marketplace. What is the MAC...
- Reports ,
- SOAR
Looking for the SOAR Magic Quadrant? Start Here
If you came here looking for the Gartner Magic Quadrant for SOAR (Security Orchestration, Automation and Response), let’s get the spoilers out of the way first. No, there isn’t one yet. It doesn’t exist at the time of writing this post. If Gartner releases one, we’ll make sure to update this post an...
- SOAR
Find Threats Faster Together with Elastic & D3 Smart SOAR
We’ve received a great response for our upcoming webinar with Elastic on November 16th and seats are filling up fast. Many of our customers use D3 Smart SOAR’s integration with Elastic, which is no surprise considering it is the most popular enterprise search engine. The webinar is a great opportun...
- Data Breach ,
- SOAR
5 Key Benefits of SOAR (Security Orchestration Automation and Response)
A recent survey revealed that up to 90 percent of companies were hit by ransomware in 2022. In the wake of such unrelenting attacks, often perpetrated by state-sponsored threat actors, spending on new cybersecurity technologies is usually on the top of mind for every CISO and security manager. But n...
How a Global MDR Leader Achieved Hyperscalability
This US-based Managed Detection and Response (MDR) provider had ambitious goals and complex technical requirements that were not being met by their existing SOAR tool. Performance and data ingestion issues at scale, lack of multitenancy, and failing support contributed to their frustration. The MDR ...
- Events ,
- News
Join D3 Security at the Deep Security Conference in Croatia
The Deep Security Conference 2022 takes place over two days in beautiful Croatia at the Falkensteiner hotel from October 19-20. While there are lots of great reasons to visit this part of the world, we’re super excited to be there to meet cybersecurity leaders from the region and showcase our indus...
- SOAR
Why Smart SOAR Is the World’s Leading Independent SOAR Platform
SOC leaders have long embraced this fact: security is growing in complexity faster than they can keep up using manual processes. SOAR (Security Orchestration, Automation and Response) emerged as a product category in cybersecurity to address this pain point. SOAR helps security operations teams auto...
NextGen SOAR Is Here
We named our SOAR platform D3 NextGen SOAR because it sets the benchmark for SOAR technology. NextGen SOAR fixes all the pain points that make legacy SOAR products (what we call SOAR 1.0) ineffective and hard to work with. If you’ve thought about SOAR before and decided it wasn’t right for you, cons...
- SOAR
Why Smart SOAR Is the Best Automation Solution for MSSPs
The market for managed security services is booming. Many analyst groups are projecting double-digit percentage growth in the sector annually. Yet many are struggling to keep up with high alert volumes when relying heavily on manual processes to manage a growing customer base with limited resources...
- SOAR
D3 Security & Zscaler Present: Reduce Cyber Risk with SASE & SOAR
The term “zero trust” was first coined in 1994, which makes it as old as the internet. However, the zero trust security model as we know it today was first described in 2010 by Forrester analyst John Kindervag. That makes it five years older than SOAR (security orchestration, automation and response...
- Events ,
- SOAR
See Smart SOAR in Action at Black Hat 2022
We’re thrilled to announce that we will be presenting our Smart SOAR platform at the Microsoft booth (#2340) at Black Hat USA 2022. On Thursday the 11th at 1 PM PST, D3 Security’s Tom Byrne will demonstrate how to enhance security incident response by leveraging Smart SOAR’s deep integrations with M...
- SOAR
How Does SOAR Fit in an EDR-centric SOC?
If you’ve worked in a security operations center (SOC) that has an endpoint detection and response (EDR) platform, you know the value it can add to your incident response capabilities. A SIEM-centric SOC model was more popular in the past, but as EDR tools have improved, more companies are becoming ...
- MITRE ATT&CK
ATT&CKcon 3.0 Highlights: 5 Insightful Sessions Worth a Watch
The MITRE ATT&CK framework needs no introduction. Over 80 percent of enterprises use ATT&CK, according to a 2020 study. First introduced in 2013, the framework established a standard for the infosec community to describe adversary tactics and techniques. There are now separate matrices for E...
- News
MMT Partners With D3 Security to Bring Next-Generation SOAR to Australia
The following is a reposting of a press release by our partners at Multimedia Technology. Multimedia Technology (MMT) announced today that they have struck a distribution agreement with Canadian cybersecurity vendor D3 Security, making them D3 Security’s value-added distributor in the Australasian r...
- Events ,
- RSA Conference
- SOAR
RSA 2022 Recap: Key Trends and Frequently Asked Questions
RSA Conference is the ‘Super Bowl’ of cybersecurity expos, where the world’s leading security professionals gather to share their knowledge and help shape the future of infosec. After a gap year, this year’s conference was a good comeback, with over 26,000 attendees, and plenty of interesting sessio...
- Events ,
- SOAR
Level up your SecOps with Smart SOAR at Splunk .conf22
We’re psyched to meet security leaders from across the globe next month at Splunk’s .conf22 at the MGM Grand in Las Vegas on June 13-16. This year’s in-person conference also includes the option to join virtually, so Splunkers from around the world can watch the all the sessions remotely, access the...
- SOAR
How SOAR Can Help You Attract and Retain Cybersecurity Talent
Security operations center (SOC) teams play a vital and underappreciated role in the function of any organization, but they are especially crucial in many sectors — including finance, technology, and healthcare. Members of SOC teams work around the clock and are responsible for keeping the company s...
- SOAR
What’s the Difference Between SOAR and SAO?
Security Orchestration, Automation and Response (SOAR) is a relatively new product category – in fact, it just turned five. Research and consulting firm Gartner is credited with coining the term around April 2017, judging by the earliest web artifacts that we found on Google. Great minds think alike...
Digital Shadows + Smart SOAR
D3’s integration with Digital Shadows SearchLight connects threat intelligence, brand protection, data leak detection, and more to automated triage and response. D3 users can enrich alerts with Digital Shadows intelligence, as well as retrieve valuable data on ingested threat reports, includin...
- SOAR
D3’s Event Pipeline is the Perfect Example of Gartner’s ‘Hyperautomation in Security’
We recently published a whitepaper about our Event Pipeline, which is sort of like the nerve center of our SOAR platform. In case you haven’t heard of it, the Event Pipeline is D3 NextGen SOAR’s global event playbook. It leverages unlimited out-of-the-box integrations to enable triage, investigation...
- SOAR
ICYMI: Highlights From the Webinar with Forrester’s Allie Mellen on the Future of SOAR
Our recent webinar with Forrester’s Allie Mellen and D3 Founder Gordon Benoit featured a fascinating debate and discussion on the state and future of SOAR. In case you prefer to read rather than watch or listen, we’ve transcribed the most important parts of their exchange below. Read on for Allie an...
- News
Credence Security Signs Distribution Agreement to Provide D3’s Smart SOAR Across the Middle East & India Region
The following is a reposting of a press release by our partners at Credence Security. Dubai, United Arab Emirates — Wednesday 17th November 2021 – Credence Security, a leading, regional, specialized value-added distributor for cybersecurity, forensics, governance, risk and compliance solutions, toda...
- SOAR
How SOAR Can Help You Solve Cybersecurity Staffing Issues
Even before the pandemic completely reshaped the world of recruiting with an explosion of remote work, it was always hard for most employers to attract and retain qualified cybersecurity professionals. Security pros are in high demand, expensive to hire, and—in the average security operations center...
- SOAR
How to Turn the Lessons of Elite SpecOps into Elite SecOps
We recently published a new whitepaper titled, How the Principles of the Navy SEALs Can Improve Your Use of SOAR, which you can download here. In the whitepaper, we break down four components of the ethos that allows the Navy SEALs to achieve their goals at a level that is virtually unmatched by any...
- SOAR
Why XDR is Not a Replacement for SOAR
Extended Detection and Response—commonly abbreviated to XDR—was first coined in 2018 and has since become an exciting buzzword in the cybersecurity world. Many vendors now offer XDR, which combines several of their products into one integrated offering. XDR grew out of Endpoint Detection and Respons...
- News
D3 Security Expands Global Reach with $10M Investment from Vistara Growth
Vancouver, BC — August 31, 2021 — D3 Security, the leader in next-generation security orchestration, automation and response (SOAR), today announced it had received a growth equity investment of $10 million USD from Vistara Growth, a provider of flexible growth capital solutions to technology compan...
Breach and Attack Simulation Use Case
Breach and Attack Simulation, Step by Step Step 1: The analyst determines what attack scenario they want to simulate. Step 2: From D3, the analyst activates the assessment in AttackIQ and commands AttackIQ to run all tests. Step 3: D3 retrieves the results of the assessment. Step 4: The TTPs...
- News
D3 Security Teams with SYNNEX Corporation to Distribute Advanced SOAR Platform
D3 Security, the provider of next-generation security orchestration, automation, and response (SOAR) solutions, today announced a distribution agreement with SYNNEX Corporation, a leading provider of distribution, systems design and integration services for the technology industry, to offer the D3 N...
TTP-Based Threat Hunting
Security leaders are increasingly looking to the MITRE ATT&CK matrix to help understand and combat the threats against their environment. Security teams who follow ATT&CK can track the tactics being used by adversaries, the scope of attacks, and the efficacy of their controls—generating crit...
- SOAR
D3’s Upcoming Release is a Launchpad for SOAR Integrations
Integrations are critical to the effectiveness of any SOAR platform, so delays or obstacles to the configuring, testing, and executing of commands between tools can compromise a SOAR implementation before it can get fully up and running. This is an area in which many SOAR platforms struggle. Setting...
- Reports ,
- SOAR
KuppingerCole Names D3 an Overall Leader in SOAR Report
The European analysts KuppingerCole have released their Leadership Compass for Security Orchestration Automation and Response, a comprehensive look at the SOAR marketplace and vendor capabilities. Their extensive analysis of 12 SOAR vendors ranks the leaders in key areas, based on deep evaluation cr...
- SOAR
Test and Optimize Your Security Controls with D3 and AttackIQ
We are constantly adding new integrations to the list of 300+ tools with which D3 works to automate and orchestrate security operations. One of the most exciting technology partnerships we’ve formed in recent months has been with AttackIQ, a security optimization platform that provides a unique serv...
- SOAR
Year in Review Part 2: The SOAR Industry in 2020
In this second installment of our 2020 review, we’ll look back at three industry reports that were published in 2020. We’ll see what each one had to say about D3 NextGen SOAR, as well as the SOAR industry overall. Gartner’s SOAR Market Guide D3 was included as a representative vendor in...
- SOAR
Year in Review Part 1: D3 Highlights From 2020
2020 was challenging for everyone, and of course we felt that at D3 as we adjusted to new conditions throughout the year. Fortunately, however, we were still able to thrive and move our plans forward, despite the challenges, setting us up for a 2021 that we expect to be the best year in our long [&h...
- SOAR
SunBurst Playbooks for the SolarWinds Breach
The SolarWinds supply chain compromise has sprung nearly every security team into action in the past week as they try to determine whether any hosts on their network are running the Orion network monitoring software. Moreover, they are checking—and double-checking—for other signs of malicious activi...
- News
Vertosoft Partners with D3 Security to Bring Smart SOAR to U.S. Public Sector
Vertosoft, the company driving emerging technology growth in government, announced today a partnership with D3 Security, a leader in advanced Security Orchestration, Automation, and Response (SOAR) technology. Through the partnership with Vertosoft, D3 Security has been named an approved vendor unde...
- SOAR
What’s New in the Latest Version of D3 Smart SOAR
We are always making improvements to our Smart SOAR platform, and we recently released a major new update for all of our clients. There are a lot of exciting updates, which can be summarized in a few key themes: Simpler integrations and playbooks. We’ve completely overhauled our playbook editor to m...
- SOAR
The Top 10 Reasons Organizations are Choosing D3 SOAR Over its Competitors
The D3 customer base has been growing rapidly, especially in the past couple of years. Major new clients are signing on, existing clients are expanding their services, and our partners around the world are having great success connecting D3 with their clients. It’s been an exciting time. While the S...
- Reports ,
- SOAR
8 Things Gartner Gets Right About SOAR (And 1 Thing They Get Wrong)
Gartner’s 2020 Market Guide for Security Orchestration, Automation and Response Solutions (Lawson, Bussa & Sadowski, September 21, 2020) was only released a few days ago, but it’s already become one of the most sought-after resources for security professionals evaluating SOAR. You can download y...
RSA NetWitness + Smart SOAR
D3 acts as a unified dashboard for analysis and investigation of RSA NetWitness Platform alerts, enriching incoming alerts with correlated MITRE ATT&CK matrix techniques, threat intelligence, and historical incident data. From D3, RSA NetWitness users not only benefit from automation and orchest...
- SOAR
5 Ways D3 SOAR Can Help You Prioritize Incidents
In almost any SOC, there are more incidents than can be properly investigated. Even with effective rules in your SIEM and other detection tools that rule out the majority of false positives and low-risk events, incident responders are still often overwhelmed with a never-ending queue. SOAR can bring...
- News ,
- SOAR
D3 Joins the Microsoft Intelligent Security Association
The fight against sophisticated cybersecurity threats requires collaborative effort between the best minds in the industry. That’s why we’re pleased to announce that D3 Security has joined the Microsoft Intelligent Security Association (MISA), a group of technology providers who have integrated thei...
- News ,
- SOAR
D3 Appoints Spire Solutions as Distributor of Smart SOAR in Middle East and Africa
D3 Security, provider of the leading next-generation SOAR platform, today announced it has appointed Spire Solutions, the Middle East’s preferred security partner, as a value-added distributor in the Middle East and Africa. Under this partnership, Spire Solutions will support the distribution of D3 ...
- News ,
- SOAR
D3 and Check Point Partner to Help Customers Respond to the Next Generation of Cyber Threats
Vancouver, BC—June 25, 2020—D3 Security, the leader in next-generation security orchestration, automation and response (SOAR), today announced a new partnership with Check Point Software Technologies Ltd., a leading provider of cyber security solutions globally, to help security teams automate and o...
SOAR Best Practices Research from Frost & Sullivan
Frost & Sullivan just released its Best Practices Report for the Security Orchestration and Automation Response market – with the authors recognizing D3 for its superior technology and strong overall performance. Download this SOAR Best Practices Research to learn about: The customer and b...
- SOAR
Three Reasons to Get Excited About D3’s Partnership with Datadog
We are very happy to announce our new partnership with Datadog, the essential monitoring platform for cloud applications. Datadog brings together data from servers, containers, databases, and third-party services to make customers’ stacks entirely observable. With 85% of enterprises moving their app...
- SOAR
Does D3 Integrate With My Security Tools? (Fortinet, McAfee, Symantec, CrowdStrike, Splunk, and More)
Integrations are critical to the value you will get out of a SOAR platform. You’ll want a platform that integrates with the security tools you use of course, but not all integrations are created equal, so you’ll also want to ensure that those integrations are feature-rich and don’t require you to do...
Azure Sentinel + Smart SOAR
hrough its integration with Sentinel, D3 can act as the security operations hub for cloud environments or hybrid environments that include on-premise systems. D3 integrates with the Microsoft Azure stack and 260+ other security tools in order to ingest data and orchestrate response actions across an...
Datadog + Smart SOAR
Datadog’s Application Performance Monitoring (APM) and Security Monitoring solutions can detect IT and security issues from across integrated cloud applications, networks, and infrastructure, but lack a true incident response capability. D3’s integration with Datadog fills this gap by turning ...
LogRhythm + Smart SOAR
D3 acts as a unified dashboard for analysis and investigation of LogRhythm events, enriching them with correlated MITRE ATT&CK matrix techniques, threat intelligence, and historical incident data. From D3, LogRhythm users not only benefit from automation and orchestration-powered response workfl...
Check Point + Smart SOAR
The combination of Check Point and D3 SOAR provides the SOC with vastly improved visibility, intelligence and agility. Events in Check Point trigger automated playbooks in D3, which gather context from across the security ecosystem, including correlation against the MITRE ATT&CK framework. If th...
- News
D3 Partners with Chronicle to Combine Security Analytics and Orchestration
We are pleased to announce that D3 has joined Chronicle’s network of technology partners as an Index Partner. Chronicle will also join the D3 CONNECT partner program. The partnership will be supported by a robust integration between D3’s next-generation SOAR platform and Chronicle’s cloud-based secu...
- News
D3 Security Wins Frost & Sullivan’s 2020 Global Customer Value Leadership Award
Frost & Sullivan, a globally renowned business consulting and research firm, recently recognized D3 Security with their 2020 Global Customer Value Leadership Award for helping customers streamline and automate their security operations. The award is based on Frost & Sullivan’s analysis of th...
- Reports
Download Gartner’s Tips for Selecting the Right Tools for Your SOC
Earlier this year, Gartner published some great recommendations around purchasing security tools (Tips for Selecting the Right Tools for Your Security Operations Center; Bussa & D’Hoinne, January 23, 2020), written by Toby Bussa and Jeremy D’Hoinne. We’re very happy to be offering the document a...
IBM QRadar + Smart SOAR
Unify Detection, Analysis, and Response for QRadar Offenses D3 acts as a unified dashboard for analysis and investigation of QRadar offenses, enriching alerts with correlated MITRE ATT&CK matrix techniques, threat intelligence, and historical incident data. From D3, QRadar users not only benefit...
- Industry ,
- SOAR
What is Hybrid Cloud Security?
Hybrid Cloud Security describes the unique process of applying cybersecurity tactics and methods to environments that are split across multiple types of cloud resources. Typically, hybrid cloud environments include are a private cloud, which a company generally operates and hosts on-premise, and a p...
D3 SOAR for Hybrid Environments
More and more companies are moving systems and servers to cloud hosting solutions like Microsoft Azure, but many of them are not committing entirely to the cloud, keeping some systems on-premise. This hybrid model creates an issue around security, because the company is left managing two sets of sec...
- Events ,
- News
See D3’s Next-Generation SOAR at RSA Conference 2020
The D3 team is excited to be gearing up for one of the biggest cybersecurity events of the year: RSA Conference 2020. We’ve been attending the conference for many years, and we always come back inspired by the partners, clients, and industry leaders we cross paths with at the event. RSA Conference 2...
Fill the form below to book your meeting at RSA 2020
Experience in person the only next-generation SOAR platform that combines security orchestration with MITRE ATT&CK and full-lifecycle incident response. Plus, speak with our SOAR and ATT&CK experts and pick up your own “Good in the SOC” swag....
- SOAR
Next-Generation SOAR: Codeless Playbooks and Integrations
Nearly all security operations centers (SOCs) with SOAR have learned that their playbooks and integrations require more maintenance than expected. That’s because SOAR playbooks must be manually updated, often using Python, whenever a data source or integration point changes. If your SOC has dozens o...
- SOAR
Why Integrations are Easier with D3 SOAR
While SOAR platforms can do a lot of things, their effectiveness will be largely contingent on how well they integrate with their clients’ security infrastructure. That’s why D3 integrates with more than 260 applications in order to orchestrate more than 400 different actions. Integrating with D3 ha...
- MITRE ATT&CK ,
- News
- SOAR
D3 SOAR 2.0 Release Announcement
We are proud to announce the release of our most ambitious and innovative project yet: D3 SOAR 2.0. While it may be a bold claim to make, we truly see this new release as pushing the SOAR market forward with both improvements to previous capabilities and entirely new capabilities that no other platf...
- MITRE ATT&CK ,
- SOAR
3 Things You Can Do With Next Generation SOAR That You Couldn’t Do Before
When you’ve been in the industry as long as D3, you see a lot of evolution in software capabilities. In the early years, it was all about incident response and case management. Playbooks were entirely manual, and integrations were a secondary aspect of the solutions on the market at that time. Next,...
SIEM Alert Enrichment with D3 SOAR
Turn Alerts into Intelligent, Automation-Powered Response Ingesting alerts from a SIEM for enrichment, analysis, and automation-powered response is at the core of the D3 SOAR platform. D3 integrates seamlessly with all major SIEMs. Events can be ingested into D3 either manually or based on SIEM rule...
D3 SOAR for Threat Hunting
Leverage the Power of MITRE ATT&CK and Advanced Orchestration in Your Threat Hunting Signature-based detection and prevention methods make up the bulk of most organizations’ cybersecurity program, but today’s most sophisticated adversaries are skillful at circumventing these methods. This is why...
- SOAR
Where to Start With Incident Response Automation
Lots of valuable opportunities for incident response automation are available to security teams, especially when leveraging a SOAR platform. While most security teams are already using some amount of automation, extensive automation in the SOC is still quite rare. In fact, we confirmed this in a rec...
- SOAR
Why Do I Need SOAR if I Have… (SIEM, ITSM, TIP, EDR)
As a relatively new category of security tools, there are lots of misconceptions around Security Orchestration, Automation, and Response (SOAR). Some of this confusion is around what types of SOCs will benefit most from SOAR. It is understandable to think that a SOC that already has numerous securit...
- Events
Visit D3 at Splunk .conf19
As we have for the past several years, the D3 team will be attending Splunk’s annual conference next week. This year’s event is called Splunk .conf19, and it will take place at the Venetian Sands Expo in Las Vegas from October 22-24. We’re excited to be attending again this year and we have a lot [&...
Lastline + Smart SOAR
Automatically Integrate Advanced Malware Analysis into Response Workflows D3’s integration with Lastline brings powerful, AI-based malware analysis, risk scoring, detonation, and threat intelligence into D3’s incident response workflows. Joint users benefit from connecting Lastline’s Deep Content In...
Microsoft + Smart SOAR
Detect and Protect Against Cloud Security Threats with Intelligent Orchestration D3’s integrations with Microsoft tools help organizations secure their Azure environments and Exchange mailboxes against all kinds of threats. D3 can act as a central hub for your cloud security operations, intaking ale...
CrowdStrike + Smart SOAR
Orchestrate Intelligent Endpoint Protection and Automated Analysis Feature-rich integrations with CrowdStrike tools make D3 the perfect command center for event intake, threat intelligence enrichment, malware analysis, and orchestrating actions across endpoints. D3’s automation-powered playbooks, MI...
- News
D3 CONNECTED Global Sales Channel and Partner Program Demonstrates Significant Growth in Q2 2019
VANCOUVER, British Columbia–D3 Security, an innovator in security orchestration, automation and response (SOAR) technology, today announced that their CONNECTED Global Sales Channel and Partner Program has experienced significant growth since its inception in October of last year. Coming off c...
- Incident Response
Sherlock in the SOC—SecurityWeek
A new article by Stan Engelbrecht, Director of D3’s Cyber Security Practice, is currently featured on SecurityWeek. The character Sherlock Holmes once said, “There is a strong family resemblance about misdeeds, and if you have all the details of a thousand at your finger ends, it is odd if you can&#...
- Data Breach
Data Breach of the Month: City Power
Welcome back to our Data Breach of the Month series, where we look at a notable cyber incident or data breach from the past month. Sometimes we’ll offer deeper analysis of the latest big breach, and other times we’ll focus on a lesser known incident that has outsized implications for the security in...
- SOAR
How SOAR Can Help Support the Transition of IT Staff to Security Operations
Because of the well-documented cybersecurity skills gap, it has become a significant trend for organizations to rely on IT personnel to transition to security operations or to take on additional security responsibilities. This is a difficult transition for both the employees and the organization tha...
- SOAR
Why Incident Response Must Adopt a Kill Chain Perspective—SecurityWeek
A new article by Stan Engelbrecht, Director of D3’s Cyber Security Practice, is currently featured on SecurityWeek. Emerging technology is enabling incident response tools—including SOAR platforms like D3—to go beyond individual alerts and address complex attacks holistically. This welcome change re...
- SOAR
Download Gartner’s 2019 Market Guide for SOAR Solutions
Note: Download the 2019 Gartner Market Guide for Security Orchestration, Automation and Response Solutions here. Gartner recently published its first ever Market Guide for Security Orchestration, Automation and Response Solutions, written by Claudio Neiva, Craig Lawson, Toby Bussa, and Gorka Sadowsk...
- Data Breach
Data Breach of the Month: NASA
Welcome back to our Data Breach of the Month series, where we look at a notable cyber incident or data breach from the past month. Sometimes we’ll offer deeper analysis of the latest big breach, and other times we’ll focus on a lesser known incident that has outsized implications for the security in...
- Data Breach
Breach of the Month: Fast Retailing
Welcome back to our Data Breach of the Month series, where we look at a notable cyber incident or data breach from the past month. Sometimes we’ll offer deeper analysis of the latest big breach, and other times we’ll focus on a lesser known incident that has outsized implications for the security in...
- Incident Response ,
- SOAR
D3 Supports Every Tier of SOC Analysts
In a security operation center (SOC), analysts are often categorized into four tiers, each with different roles and responsibilities. The definition of each tier varies a bit, depending on who you ask, but a generally accepted description of a Tier 1 analyst would be someone who monitors alerts from...
FireEye + Smart SOAR
Rapidly Analyze and Combat Threats Across the Ecosystem D3’s App for FireEye allows you to streamline SecOps and IR workflows, reduce manual coordination, and augment the power of your existing tools. With D3 acting as a hub for endpoint, network, and email security alerts, all potential incidents c...
- Data Breach
Data Breach of the Month: FBI National Academy Associates
Welcome back to our Data Breach of the Month series, where we look at a notable cyber incident or data breach from the past month. Sometimes we’ll offer deeper analysis of the latest big breach, and other times we’ll focus on a lesser known incident that has outsized implications for the security in...
- SOAR
SOAR for Fortinet: Why D3 is the Perfect Fit
Security orchestration, automation, and response (SOAR) platforms are a force multiplier in the SOC because of how they make other security tools more effective. This is especially true when you combine D3 SOAR with the Fortinet Security Fabric. With this unique partnership, you don’t just get certi...
- News ,
- SOAR
D3 Security Joins Symantec Technology Integration Partner Program
MOUNTAIN VIEW, Calif.– D3 Security today announced it has joined the Symantec Technology Integration Partner Program (TIPP), a global ecosystem composed of more than 100 participating technology companies, in a collaborative effort to combat cyber-crime and secure the cloud generation. As part...
- Data Breach ,
- SOAR
Data Breach of the Month: Jackson County
Welcome back to our Data Breach of the Month series, where we look at a notable cyber incident or data breach from the past month. Sometimes we’ll offer deeper analysis of the latest state-sponsored mega breach, and other times we’ll focus on a lesser known incident that has outsized implications fo...
- Data Breach
Data Breach of the Month: Singapore Ministry of Health
Welcome back to our Data Breach of the Month series, where we look at a notable cyber incident or data breach from the past month. Sometimes we’ll offer deeper analysis of the latest big breach, and other times we’ll focus on a lesser known incident that has outsized implications for the security in...
- Data Breach