RSA Conference is always a highlight of the year for us here at D3 Security. We’re looking forward to meeting you at SF’s Moscone Center from June 6th–9th, to talk about all things cybersecurity. We’ll be at Booth #N5466 giving demos, answering questions about D3’s SOAR solutions, and giving out the best swag. D3 is excited to showcase new features and capabilities of the latest build of our next-generation SOAR platform, many of which are industry firsts. If you’d like to join us at the expo, here is a link to get your free pass.
Here are a few things we’d love to show you at RSA.
Event Pipeline – Bringing Hyperautomation Capabilities to Your SOC
We’ll be demoing the Event Pipeline, a big SOAR innovation, at RSAC. Analysts say that hyperautomation is one of the top strategic technology trends this year. D3’s SOAR helps you harness hyperautomation in your SOC with our Event Pipeline, a playbook-powered event-processing engine that automatically deals with high volumes of security alerts. The Event Pipeline dismisses false positives, making it easier to address meaningful alerts through incident response playbooks.
The Event Pipeline has three core stages in its data ingestion process. The first stage is the event normalization phase, where useful information like hostnames and IP addresses is extracted from the raw alerts and tagged. In the Threat Triage stage, the events are enriched with threat intelligence data and correlated against contextual search queries to actively hunt for related events. Finally, in the Auto-Dismissal and Escalation phase, false-positive checks filter out unwanted incidents so you can focus on what matters most.
The Event Pipeline auto-dismisses, deduplicates, and consolidates as much as 98% of incoming alerts to reduce noise in your environment. This saves you time and ensures that you focus on the most important alerts first. Our SOAR platform is built on a distributed NoSQL microservices architecture to handle the massive amounts of data that security operations generate.
Read: D3’s Event Pipeline is the Perfect Example of Gartner’s ‘Hyperautomation in Security’
MSSP’s New Secret Weapon: The MDR Toolkit
For more mature MSSPs, our updated NextGen SOAR platform includes an ‘MDR Toolkit’ that helps MSSPs provide MDR (managed detection and response) services, which is a must in today’s managed services market. The MDR Toolkit leverages the power of D3’s Event Pipeline, big data processing, and incident response capabilities, helping MSSPs grow their customer base and service offerings without adding headcount. With the latest update, our SOAR platform includes the option to use MongoDB, which gives MSSPs the ability to search, correlate, and store large amounts of event/alert data without sacrificing speed and performance. Our pre-built incident response playbooks can be centrally managed and shared across different customers in a multi-tenant environment. The MDR Toolkit offers the automation and performance capabilities MSSPs need to add Tier 2 and 3 services and keep up with the wave of MDRs that are eating in to their client bases.
Read: How Next-Generation SOAR Integrates with SIEMs
Join Us At The World’s Largest Information Security Event!
We can’t wait to see you at RSA Conference 2022! If you’re in the Bay Area between June 6th–9th, come find D3 Security at the Moscone Center, Booth #N5466. We’d love to meet you and learn more about your security challenges. Get your free expo pass here.