See D3 Chronos, Event Pipeline & MDR Toolkit at RSA Conference 2022

RSA Conference is always a highlight of the year for us here at D3 Security. We’re looking forward to meeting you at SF’s Moscone Center from June 6th–9th, to talk about all things cybersecurity. We’ll be at Booth #N5466 giving demos, answering questions about D3’s SOAR solutions, and giving out the best swag. D3 is excited to showcase new features and capabilities of the latest build of our next-generation SOAR platform, many of which are industry firsts. If you’d like to join us at the expo, here is a link to get your free pass.

Here are a few things we’d love to show you at RSA.

Event Pipeline – Bringing Hyperautomation Capabilities to Your SOC

We’ll be demoing the Event Pipeline, a big SOAR innovation, at RSAC. Analysts say that hyperautomation is one of the top strategic technology trends this year. D3’s SOAR helps you harness hyperautomation in your SOC with our Event Pipeline, a playbook-powered event-processing engine that automatically deals with high volumes of security alerts. The Event Pipeline dismisses false positives, making it easier to address meaningful alerts through incident response playbooks.

The Event Pipeline has three core stages in its data ingestion process. The first stage is the event normalization phase, where useful information like hostnames and IP addresses is extracted from the raw alerts and tagged. In the Threat Triage stage, the events are enriched with threat intelligence data and correlated against contextual search queries to actively hunt for related events. Finally, in the Auto-Dismissal and Escalation phase, false-positive checks filter out unwanted incidents so you can focus on what matters most.

The Event Pipeline auto-dismisses, deduplicates, and consolidates as much as 98% of incoming alerts to reduce noise in your environment. This saves you time and ensures that you focus on the most important alerts first. Our SOAR platform is built on a distributed NoSQL microservices architecture to handle the massive amounts of data that security operations generate.

Read: D3’s Event Pipeline is the Perfect Example of Gartner’s ‘Hyperautomation in Security’

Introducing D3 Chronos: 10X Your MSSP’s Capacity Without Adding Headcount in 2 Weeks

So you’re an MSSP, huh? You have a lot on your plate. It’s hard to keep up with all the new clients and onboarding challenges, and each new client means dealing with a whole new set of tools to master. We get it. That’s why we created D3 Chronos, a SOAR solution built specifically for MSSPs. With Chronos, you can automate your triage and enrichment process with dozens of out-of-the-box actions that make handling alerts faster, sometimes by 90% or more. And what’s more, Chronos can be up and running within weeks—no lengthy implementation or capabilities you don’t need. Our goal is to maximize MSSPs’ billable time by providing them with a powerful tool that is purpose-built for their industry. D3 Chronos’ key features and benefits include:

  • Automated Triage and Enrichment. Leverage a pipeline to efficiently filter out most alerts before they get escalated to humans.
  • Built-In Client Notifications and Reports. Get customized incident reports automatically available for you and your clients.
  • Rapid Onboarding. It typically takes 3-6 months to implement SOAR. D3 Chronos will start to pay for itself within two weeks.
  • Flexible Payment Plan. We’ll tailor your payment plan to the exact needs of your budget, including a monthly pricing option that lets you keep your capital expenditures to a minimum.
  • Automatic tracking of billable hours. Chronos is designed to automatically log your billable hours in the background—no more forgetting to fill out timesheets.
  • Automatic monitoring of SLAs. Adhere to SLA deadlines by automatically tracking the time spent on functions such as data enrichment, remediation completion and incident closure.
  • Track MITRE ATT&CK TTPs across client environments. This allows for easy visualization and analysis of ATT&CK TTP coverage and gaps.
  • Full multi-tenancy for seamless segregation of data and environments. A single pane of glass to manage and monitor multiple security systems for multiple customers.

Read: 4 Ways MSSPs Are Increasing Their Margins With Next-Generation SOAR

MSSP’s New Secret Weapon: The MDR Toolkit

For more mature MSSPs, our updated NextGen SOAR platform includes an ‘MDR Toolkit’ that helps MSSPs provide MDR (managed detection and response) services, which is a must in today’s managed services market. The MDR Toolkit leverages the power of D3’s Event Pipeline, big data processing, and incident response capabilities, helping MSSPs grow their customer base and service offerings without adding headcount. With the latest update, our SOAR platform includes the option to use MongoDB, which gives MSSPs the ability to search, correlate, and store large amounts of event/alert data without sacrificing speed and performance. Our pre-built incident response playbooks can be centrally managed and shared across different customers in a multi-tenant environment. The MDR Toolkit offers the automation and performance capabilities MSSPs need to add Tier 2 and 3 services and keep up with the wave of MDRs that are eating into their client bases.

Read: How Next-Generation SOAR Integrates with SIEMs

Join Us At The World’s Largest Information Security Event!

We can’t wait to see you at RSA Conference 2022! If you’re in the Bay Area between June 6th–9th, come find D3 Security at the Moscone Center, Booth #N5466. We’d love to meet you and learn more about your security challenges. Get your free expo pass here.

Shriram Sharma

Shriram is a Marketing Content Writer at D3. A former journalist, he chronicled high-profile data breaches, cyber-attacks, and conducted interviews with white and grey hat hackers. He likes to share his fascination for the field of cyber security by creating accessible and engaging content.