D3’s Roadmap Highlights for 2023: Machine Learning and More

2022 was a momentous year for D3 Security, but we’re always looking to the future. We are committed to being leaders, not followers, in the SOAR industry, and with than in mind we have laid out a plan for 2023 that might be our most ambitious roadmap yet.

The next year of D3 Smart SOAR will build upon past innovations like the Event Pipeline and ATT&CK-based orchestration to provide massive benefits to our users, whether they are working for enterprises, public sector entities, or managed service providers. We develop everything with the needs of our MSSP partners in mind, which you’ll see reflected in our roadmap.

Here are just a few of the upcoming highlights from what promises to be another exciting year for D3.


Cloud-Native Architecture

In 2023, we will be moving Smart SOAR to a cloud-native architecture. This will give us the ability to assign resources in real time to support surges in demand, enabling huge leaps forward in SOAR capabilities, such as:

  • Running detections across massive amounts of data
  • Increasing the capacity of our Event Pipeline from an already unmatched 200 alerts per minute by 10x or more
  • Big data correlations in parallel, for improved speed and scale

To put it simply, instead of clients needing to predict their requirements, the platform will be able to auto-scale the power and capacity of resources like Kubernetes and MongoDB clusters. This will be especially valuable for MSSPs with large numbers of clients, as well as organizations facing a serious security incident.


Machine Learning

Machine learning has been a buzzword in SOAR for a while, but few companies actually use it a meaningful way. In the coming year, we will be implementing machine learning in several ways to improve the benefits our clients receive from Smart SOAR.

  1. Machine learning will increase the efficiency of our Event Pipeline even further, by enabling it to improve over time its ability to narrow down thousands of alerts to the few that actually require human attention.
  2. Smart SOAR will learn how a user generally responds to certain scenarios and be able to recommend the appropriate actions.
  3. The system will also be able to intelligently assign tasks to the appropriate team member, based on criteria like shift schedules, expertise, and open tickets.
  4. The move to a graph database model will enable Smart SOAR to use machine learning to reveal hidden or potential relationships across vast stores of data.


Client Portal for MSSPs

MSSP Client Portal Screenshot

We have several major improvements on our roadmap specifically aimed at our MSSP partners, with the most exciting being the MSSP Client Portal. The Portal will be used by MSSPs and their clients to manage interactions, reporting, and approvals. Instead of waiting for responses to emails or scheduling calls, clients will have a streamlined view of what matters to them, so they can efficiently delegate to their MSSP without wasting time.

In the Portal, clients can see all the pending tasks that their MSSP has, along with requests for approvals where they are necessary. The MSSP can include a note providing context for the action and why an approval is necessary.  When the client clicks the approval button, it feeds directly into the Smart SOAR playbook, allowing the action to execute without any dwell time.

The MSSP’s client can also customize the main portal dashboard to show at-a-glance snapshots of things like messages from the MSSP, artifacts found in alerts, linked incidents, and the attacker techniques that have been detected in the environment. The client can further drill down on incidents and view detailed metrics.

The Client Portal for MSSPs will not only improve the quality of service that MSSPs can provide, it will also give clients visibility into the value they are getting from their MSSPs.


Learn More About the Next Generation of SOAR

These are just a few of the innovative items on our roadmap for 2023 and beyond. With the SOAR industry’s largest dedicated development team, D3 is committed to constantly pushing the limits of what a SOAR tool can do to help MSSP, enterprise, and public sector security teams achieve their goals. If our roadmap sounds exciting to you, and you’d like to hear about what else we’re working on, schedule a call with one of our product experts today.

Social Icon
Walker Banerd

Walker is D3 Security's Director of Content Marketing. He leads the writing of D3's blog, as well as white papers, industry briefings, and other thought leadership. Walker's expertise is translating technical concepts into easily understandable content, with a focus on software, cybersecurity, and compliance solutions.