Since we initially published this article, we’ve further developed our collaboration with Microsoft. We now offer 33 integrations with Microsoft tools. D3 SOAR automated incident response playbooks can orchestrate across Azure Sentinel and other cloud tools, on-premise Microsoft tools, and hundreds of tools by other vendors. Read our article on the MISA blog about how D3 integrates with Microsoft here.
The fight against sophisticated cybersecurity threats requires collaborative effort between the best minds in the industry. That’s why we’re pleased to announce that D3 Security has joined the Microsoft Intelligent Security Association (MISA), a group of technology providers who have integrated their solutions with Microsoft products to provide customers better protection, detection, and response. MISA enables D3 to develop closer integration and collaboration with Microsoft, bringing our next-generation SOAR capabilities to a broad scope of security use-cases. The result of our MISA membership will be some of the best possible solutions for joint customers of D3 and Microsoft.
D3 integrates with numerous Microsoft products, including:
These integrations support many use cases that security teams regularly struggle with. Take, for example, cryptojacking, which can be difficult to detect and remediate. With D3’s integrations with Microsoft, the workflow might look like this:
As you can see in the above use case, D3 is able to act as a single interface for managing incidents that span across on-premises systems and cloud systems, such as those hosted on Azure. Most companies now find themselves in some form of hybrid environment like this, with some systems locally hosted and some in the cloud. Without a solution like D3 to sit in between these environments, managing security holistically can be time-consuming and unwieldy. This results in poor visibility and information silos that allow incidents to slip by unnoticed.
Now that D3 has joined MISA, we can ensure integrations with Azure systems that allow D3 to complement existing cloud security tools while simultaneously aggregating data and orchestrating actions across critical on-premise tools such as a SIEM.
This capability is bolstered by D3’s unique ability to correlate events against the MITRE ATT&CK framework. During a complex incident, D3 can establish the kill chain of the attack by uncovering the connections between each technique used by the adversary. So even when, for example, an adversary uses a compromised user account to move from an on-premises system to a cloud environment, D3 can see their entire path because it is aggregating data from both environments.
To read more about how D3 manages the challenge of hybrid security, see our recent solution guide, titled D3 SOAR for Hybrid Environments.
We’re thrilled to be part of this group of leading-edge security companies and to be working with Microsoft more closely going forward. We think our membership in MISA will bring clear benefits to Azure and D3 customers very soon.
To learn more about how D3 NextGen SOAR integrates with Microsoft tools, check out our Azure Sentinel Solution Guide.
Do you want to see D3 in action? Join us for a 25-minute deep-dive demo and see how our award-winning Security Orchestration, Automation, and Response (SOAR) platform helps security teams accelerate incident response, scale processes, and learn from every incident.