One of the things that sets D3 apart is the deep case management functionality we provide as part of our full-lifecycle incident response solution. We are excited to announce that we have built on that strength with a totally reimagined Guided Case Management module, which will bring unprecedented levels of guidance to cybersecurity investigations. These new features can instantly elevate the contributions of your entire team, by leading them through comprehensive workflows based on your internal policies, compliance requirements, and industry frameworks like NIST.
The complete press release announcing the product launch is below.
To learn more, check out our brand-new solutions guide, which describes how organizations can leverage these new features.
VANCOUVER, British Columbia - D3 Security, a developer of automated incident response and case management solutions for Fortune 500 companies, today announced the release of Guided Case Management—a new addition to the D3 Incident Response Platform—that supports efficient and disciplined post-incident investigations and digital forensics. An industry first, this groundbreaking feature will help enterprises address the IT security skills gap by extending user guidance and decision support beyond the initial incident response, to post-incident activities, reporting, and digital forensics.
Reports project that by 2019, there will be a shortage of two million cybersecurity experts across the globe. In order to bridge the gap, many organizations have turned to automation and orchestration technology, including the D3 Incident Response Platform. However, the skills gap continues to affect organizations that need to conduct deeper post-incident investigations, with data privacy, regulatory, and legal obligations often adding a layer of complexity. Like never before, conclusive remediation hinges on the ability of cyber security professionals to fully leverage digital evidence, to establish detailed timelines, relationships, and root causes—while employing a defensible process and generating required audit logs and chain-of-custody.
“Companies use highly specialized tools to collect and analyze security data, but they often resort to manual and ad hoc processes to manage post-incident investigations, document evidence, and track case workflow – which doesn’t scale easily,” said Stan Engelbrecht, Director of Cyber Security Practice at D3 Security. “D3’s Guided Case Management solves this problem by organizing interrelated security and incident data, allowing them to be analyzed together, and providing step-by-step instructions that help investigators manage cases, generate reports, and provide transparency to stakeholders.”
Guided Case Management empowers companies to amplify the impact of their investigators. Built-in instructional elements are fully configurable, allowing senior investigators to input their knowledge, which can be leveraged by less experienced team members as they conduct their investigations. Additionally, team leaders have visibility into their team’s activities to make sure proper processes are being followed. In order to ensure consistency across departments, global organizations are able to deploy a standardized case management process, complete with the necessary customization, such as access controls and workflows based on data privacy and breach notification laws that differ across jurisdictions.
Organizations with Guided Case Management will have the ability to configure their own instructional elements, plus the option to work with a CISSP-certified D3 Customer Success Manager, in order to install instructions based on D3 best practices.
About D3 Security
D3 Security’s Incident Response Platform is the foundation for the world’s most advanced security operations. The automated incident response and case management solution enables full-lifecycle incident management, lessening the pressure on analysts and SOCs, while helping organizations to rapidly remediate incidents and generate a comprehensive log of incidents and actions taken. Industry-specific configurations are available, as are fully configurable workflows and playbooks based on the NIST, SANS and CERT standards.