Digital Shadows + D3 Smart SOAR
Act Fast Against Threats and Vulnerabilities
Digital Shadows SearchLight provides actionable threat intelligence that adapts to your organization’s specific risk profile and appetite. Smart SOAR integrates with Digital Shadows SearchLight to connect threat intelligence, brand protection, data leak detection, and more to automated triage and response.
Benefits and Capabilities
D3’s integration team takes the burden of integrations off your hands by building, maintaining, and upgrading the best possible connections between tools. We have closely studied Digital Shadows to provide a powerful integration that enables seamless incorporation of threat intelligence into automated workflows.
- Analyze security alerts by combining Digital Shadows’ threat intelligence with Smart SOAR’s high-fidelity incident data
- Map threat reports to the MITRE ATT&CK Matrix
- Detect and respond to fraudulent domains and leaked credentials
- Prioritize vulnerability management based on Digital Shadows’ risk scores
Use CAse
Threat Hunting
In Smart SOAR, users can set up a scheduled utility command to retrieve threat reports on a weekly cadence (or whatever cadence they are published on) from integrated TIPs, such as Qualys. Smart SOAR then parses the report and extracts the details, including any CVEs. Then, each CVE is sent to Digital Shadows SearchLight to retrieve the CVSS score, a risk score, and the MITRE ATT&CK TTPs involved. The analyst can then quickly assess the risk level and trigger the appropriate threat hunting playbook. This might include running a scan in an integrated TVM tool for vulnerabilities in the report, searching an integrated SIEM for IOCs, and generating notifications to close any known vulnerabilities.
- Create an automated process for threat hunting, vulnerability management, and operationalizing threat intelligence
- Ensure immediate action on new threat reports
- Find dangerous IOCs across your environment
Use Case
Alert Enrichment
By integrating Smart SOAR and Digital Shadows, you can automatically enrich alerts from your detection tools with valuable intelligence from Digital Shadows SearchLight, including IP, URL, and hash information. This enables you to immediately assess the risk of an alert and trigger the appropriate response. Or, to completely automate the process, users can create conditional tasks based on factors like the reputation score of the IOCs, which can automatically trigger nested playbooks.
- Streamline triage and analysis to ensure complete coverage of alerts
- Free up time to spend on important investigations
- Eliminate time-wasting manual threat intelligence lookups
Why Smart SOAR?
Joint users of Digital Shadows SearchLight and D3 Smart SOAR don’t just get automated intelligence enrichment and threat hunting, they also get the countless other features that make Smart SOAR the leading independent SOAR solution, including:
Expert-built codeless integrations across the stack
Tier 1–3 automation, based on deep research into the capabilities of common tools
The Event Pipeline, which reduces alert volume by up to 98%
Cross-dimension correlation, which acts across tools, timeframes, TTPs, and artifacts
Digital Shadows Integration: Summary
Integrations Done the Right Way
An unlimited number of pre-built integrations, expertly maintained by the largest technical team in security automation. Thoroughly researched, tested and built—and delivered for free. Always.