Resources

SINK or SOAR! The Benefits of SOAR for MSPs

MSPs interested in becoming an MSSP need to leverage the best of breed tools to support SOC analyst workflows.

2020 Gartner® Market Guide for Security Orchestration, Automation & Response Solutions

Gartner’s research on security orchestration solutions.

How to Do Real-Time Vulnerability & Threat Remediation

Watch this on-demand webinar to get expert insights on shortening the detection and remediation cycle.

Digital Shadows + D3 SOAR

D3’s integration with Digital Shadows SearchLight connects threat intelligence, brand protection, data leak detection, and more to automated triage and response.

ThreatWorx + D3 SOAR

Shorten the vulnerability detection and remediation lifecycle with D3 and ThreatWorx.

Take Action On External Threats with SOAR and TIP

SOC managers, CTI teams and threat hunters need to fuse intelligence sources with…

Forrester and D3 Security Debate the Future of SOAR

Where does independent SOAR fit in the future of cybersecurity? Get the perspectives of two industry thought leaders.

Gartner® Report: Emerging Technologies and Trends Impact Radar: Security

Download your free copy of Gartner’s in-depth analysis of security trends.

XGEN SOAR Event Pipeline

D3’s Event Pipeline automatically ingests, normalizes, and triages events to ensure that only genuine threats get investigated.

How to Slash Incidents by 90%

SOAR isn’t just for mature SOCs; in fact, there are many advantages to having SOC from day one.

10 Golden Rules for SOAR

A digestible blueprint for a successful SOAR implementation.

The SOC Analyst’s Guide to SOAR

Learn how SOAR makes security analysts more effective and less bogged down in repetitive tasks.

The MSSP’s Guide to SOAR

Learn why successful MSSPs are increasingly relying on SOAR to optimize their services.

XGEN SOAR Key Features Guide

Find out which features make XGEN SOAR unique in the SOAR market.

The CISO’s Guide to SOAR

Learn how SOAR supports CISOs as they implement their automation strategies.

How the Principles of the Navy SEALs Can Improve Your Use of SOAR

Learn how to translate the best practices of SpecOps to SecOps.

The Top SOAR Playbooks You’ll Need in 2022

Go step-by-step through the playbooks that every security team will need in the coming year.

ZeroFOX + D3 SOAR

Learn how ZeroFOX and D3 combine to disrupt threats to your brand and public-facing assets.

SOAR Playbooks for the Remote Work Era

Learn how remote work affects SecOps and which SOAR playbooks can help.

SANS 2021 Automation and Integration Survey

Real-world perspectives and expert analysis on the present and future of security automation.

The ROI of D3 XGEN SOAR

A detailed analysis of how XGEN SOAR provides tangible value to clients through orchestration and automation.

TTP-Based Threat Hunting

Learn how D3 uses TTP data from high-fidelity incidents to drive effective threat hunting workflows.

Form-Based vs. Playbook-Based SOAR Platforms

There are two major types of SOAR platforms. Learn which one is right for you, and why the differences might not be obvious during a POC.

Gartner: When Should a SOC Include NOC Functions and Responsibilities?

SOC and NOC teams rely on each other and share data, tools and skill sets. Security leaders should read this research note to help evaluate or prepare for a joint SOC-NOC model, in which SOAR can be used for security and IT operations use cases.

10X: Real-World SOAR Case Study

Learn how this global FinTech company increased their alert handling speed by 10X.

KuppingerCole Leadership Compass for SOAR Solutions

A head-to-head evaluation of 12 leading SOAR vendors from the analyst group KuppingerCole.

MSSP Case Study

Learn how this MSSP improved the services they provide their clients while improving their own profit margins by centralizing their operations through D3 SOAR.

Security & Reliability Concerns for SOAR Buyers

Six areas in which the wrong SOAR platform can compromise your security operations.

AttackIQ + D3 SOAR

D3 and AttackIQ work together to run attack simulations and orchestrate follow-up actions from D3 playbooks.

Investigating and Responding to the SunBurst Malware Attack

The SunBurst malware attack has left security teams scrambling. Learn how D3 NextGen SOAR can help.

How D3 Measures Up to Gartner’s SOAR Requirements

Find out how D3 maps successfully to all of Gartner’s SOAR recommendations, offering a comprehensive end-to-end solution for SOCs and security leaders around the world.

The State of GDPR & How SOAR Can Help

GDPR non-compliance can be an expensive mistake. Learn how SOAR can help you avoid major fines.

NextGen SOAR Product Guide

NextGen SOAR has arrived. Learn why it’s different and what it means for your organization.

Creating Value and ROI Through D3 NextGen SOAR

An executive-level view of how D3 SOAR can streamline and improve security, while making spending more efficient.

Digital Forensics Case Management

D3 gives digital forensic, eDiscovery and IR investigators a web-based case management system with fully configurable modules.

Zscaler + D3 SOAR

D3 SOAR and Zscaler solve common security operations problems by integrating cloud security tools with powerful automated incident response.

MSSP SOAR Buyer’s Guide

In this buyer’s guide, you’ll get a complete playbook for how to evaluate SOAR platforms for your MSSP.

RSA NetWitness + D3 SOAR

D3 acts as a unified dashboard for analysis and investigation of RSA NetWitness Platform alerts, enriching incoming alerts with correlated MITRE ATT&CK matrix techniques, threat intelligence, and historical incident data.

5 Playbooks for the Remote Work Era

SOAR Playbooks are crucial in remote work scenarios because they mitigate disruption, triage fast-moving events, and reduce manual processing.

SOAR Best Practices Research from Frost & Sullivan

Best Practices research from Frost & Sullivan explores the SOAR market and key vendors.

MITRE ATT&CK For Dummies

Learn how to leverage the world’s most comprehensive knowledgebase of cyber adversary tactics and techniques in this exclusive e-book.

Introducing Next-Generation SOAR

In this live webinar event, D3 Director of Cyber Security Stan Engelbrecht introduces Next-Generation SOAR—a significant evolution from SOAR “1.0” with MITRE ATT&CK automation, enhanced threat intelligence, and fully codeless playbooks and integrations.

Rapid7 + D3 SOAR

The combined capabilities of D3 SOAR and Rapid7 create stronger cloud security, vulnerability management, and incident response automation.

Overcoming the Cybersecurity Skills Gap

How automation and orchestration can help overcome a lack of experienced cybersecurity personnel.

NextGen SOAR Buyer’s Guide

Our SOAR Buyer’s Guide will help you ask the right questions when assessing vendors and implementing SOAR tools.

Elasticsearch + D3 SOAR

D3 integrates with Elasticsearch, the search and analytics engine at the heart of the Elastic stack, to ingest alerts and query aggregated data.

Azure Sentinel + D3 SOAR

Through its integration with Sentinel, D3 can act as the security operations hub for cloud or hybrid environments.

Datadog + D3 SOAR

D3’s integration turns Datadog’s comprehensive application and security monitoring data into automation-powered investigations.

LogRhythm + D3 SOAR

D3 acts as a unified dashboard for analysis and investigation of LogRhythm events, enriching them with correlated intelligence.

Check Point + D3 SOAR

The combination of Check Point and D3 SOAR provides the SOC with vastly improved visibility, intelligence and agility.

Chronicle + D3 SOAR

D3’s integration with Chronicle enables a combined analytic and investigative solution that can scale with no added cost.

SOAR Benefits and FAQs

What is SOAR, how does it work, and who is it for? Answer your questions about SOAR technology in this primer.

D3’s Codeless Playbooks

D3’s playbook editor requires no scripting by users, making playbooks easier to build and maintain. Learn how codeless playbooks can benefit your organization.

D3 SOAR for MSSPs

Learn how D3 SOAR helps MSSPs overcome security challenges and enable greater profits.

IBM QRadar + D3 SOAR

D3 acts as a unified dashboard for analysis and investigation of QRadar offenses, enriching alerts and orchestrating responses.

COVID-19 Pandemic Response Tool

D3 has created a tool to help organizations track, report, and respond to cases of COVID-19 in their workforce.

D3 SOAR for Hybrid Environments

D3 is the ideal solution to coordinate security operations for companies with systems both in the cloud and on-premise.

Four Ways to Leverage MITRE ATT&CK in Your Security Operations

The potential value of ATT&CK as a resource is widely acknowledged, but many security teams still struggle to operationalize it effectively.

Monitor Module Overview: Bringing MITRE ATT&CK into SOAR

The Monitor module shows how D3 has revamped its platform to incorporate MITRE ATT&CK.

SOAR Platform Comparison

Learn about the advanced capabilities that set some major SOAR platforms apart from others.

SIEM Alert Enrichment with D3 SOAR

Turn SIEM alerts into intelligent, automation-powered response.

SOAR in the Real World Survey

We collected the thoughts of more than 300 security professionals to learn how SOAR is actually used in the real world, how it is perceived by those who don’t yet use it, and why organizations are turning to SOAR.

D3 SOAR for Threat Hunting

D3’s embedded MITRE ATT&CK matrix and powerful orchestration features enable advanced threat hunting.

Active Directory + D3 SOAR

D3’s integration with Active Directory brings detailed employee information into the SOC for efficient analysis of, and response to, a wide range of security incidents.

MaxMind + D3 SOAR

D3’s integration with MaxMind enables automated enrichment of security events with IP risk scores and geolocations.

Tenable + D3 SOAR

Integrating D3 with Tenable connects vulnerability scans to your security operations command center.

Jira Service Desk + D3 SOAR

D3’s integrations with Jira Service Desk enable SOC and IT teams to leverage both solutions for collaboration, escalation, and orchestration of important security tasks.

ServiceNow + D3 SOAR

D3’s integrations with ServiceNow’s ITSM module enable SOC and IT teams to leverage both solutions for collaboration, escalation, and orchestration of important security tasks.

Lastline + D3 SOAR

D3’s integration with Lastline brings powerful, AI-based malware analysis, risk scoring, detonation, and threat intelligence into D3’s incident response workflows.

Microsoft + D3 SOAR

D3 pulls aggregated alerts from either Azure Security Center or Microsoft’s Graph API for analysis, enrichment, and automation-powered incident response through D3’s powerful playbooks and orchestration engine.

Partner Program Overview

How D3 works with partners around the world to provide world-class SOAR to clients.

CrowdStrike + D3 SOAR

D3’s integrations with CrowdStrike tools make it the perfect command center for event intake, threat intelligence enrichment, malware analysis, and orchestrating actions across endpoints.

Use This Guide for a Successful SOAR PoC

The key insights gained through D3’s experience with SOAR proof-of-concept projects.

MITRE ATT&CK Framework Spreadsheet

The entire MITRE ATT&CK matrix in a convenient, downloadable spreadsheet.

What Makes D3 SOAR Different?

The functional, financial, and technical factors that set D3 SOAR apart.

Breach Response Template

Use this guide to ensure that your data breach presentation is clear, measured, and descriptive.

Public Sector Case Study

Like many government entities, this State Government was facing the huge challenge of streamlining cybersecurity operations across multiple geographically distributed departments and agencies.

Manufacturing Case Study

Before implementing SOAR, this global pharmaceutical manufacturer had a mature cybersecurity program, but with some substantial gaps regarding incident response.

SOAR 2.0: Redefining SOAR with the MITRE ATT&CK Framework

D3 is evolving its platform to intelligently correlate events using the MITRE ATT&CK framework. We call it SOAR 2.0.

Financial Services Case Study

When this major international bank reviewed its security, risk management, and compliance processes, it came to the conclusion that it needed a SOAR platform.

Advantages of the SOAR-Native SOC

SOAR isn’t just for mature SOCs; in fact, there are many advantages to having SOC from day one.

FireEye + D3 SOAR

D3’s App for FireEye allows you to streamline SecOps and IR workflows, reduce manual coordination, and augment the power of your existing tools.

Healthcare Case Study

Following a significant data breach that cost them millions of dollars, this multi-state healthcare system wanted to rebuild their security operations from the ground up, bringing incident response and digital forensics fully in-house.

Fortinet + D3 SOAR

D3’s robust out-of-the-box integration with all Fortinet tools provides security teams with seamless security incident and data breach response.

SANS Automation & Integration Survey 2019

This D3-sponsored report takes answers from more than 200 security professionals to form a picture of the present and future of automation.

Symantec + D3 SOAR

D3’s App for Symantec allows you to streamline SecOps and IR workflows, reduce manual coordination, and fully leverage existing tool investments.

Splunk + D3 SOAR

D3 acts as a unified dashboard for analysis and investigation of Splunk events, enriching notable events with contextual data, threat intelligence, and historical incident data.

Palo Alto + D3 SOAR

D3 integrates with Palo Alto tools to orchestrate response workflows that include threat intelligence enrichment, malware analysis, firewall blacklists, and more.

Micro Focus + D3 SOAR

D3 acts as a unified dashboard for analysis and investigation of ArcSight ESM events, enriching correlated events with contextual data, threat intelligence, and historical incident data.

Cisco + D3 SOAR

D3’s Cisco integrations allow you to streamline SecOps and IR workflows, reduce manual coordination, and fully leverage existing tool investments.

Carbon Black + D3 SOAR

D3’s integration with Carbon Black automates and orchestrates workflows for endpoint protection, threat hunting, compliance, and incident response.

SANS Automation & Integration Survey: What’s Next in Automation

In this webcast, attendees will dig deeper to learn how they can overcome their challenges and enhance their automation programs.

How to Deploy SOAR

Organizations’ interest in SOAR platforms has never been higher, but many don’t know what is required for deployment. This whitepaper provides a step-by-step process to get started.

No Image......

Next XGEN SOAR Platform Demo

Introduction to D3 Security

New to D3? New to SOAR? Learn how the D3 SOAR Platform provides connective tissue for your SOC with automated incident response playbooks that save your organization considerable time and money.

McAfee + D3 SOAR

D3 and McAfee have joined forces to combine McAfee ESM with the D3 SOAR Platform.

Before You SOAR

Based on D3’s experience with hundreds of successful security operations and incident response deployments, we’ve outlined five actions that you can take to get your organization ready for this powerful technology.

2018 SINET Innovator Award Presentation

The Security Innovation Network (SINET) named D3 one of the most innovative cyber security companies in the world. Learn what makes D3 an innovator in this presentation from the SINET gala in Washington, DC.

SOAR to Security Automation Quick Wins

SecOps experts from Securosis and D3 Security demonstrate how to get ‘quick wins’ from security automation, without losing sight of long-term value.

InfoSec Institute & D3 Security: ATM, Card Skimming and Other Fraud

On this episode of the InfoSec Institute’s CyberSpeak podcast, Stan Engelbrecht, director of cyber security practice for D3 Security, discusses a scary topic that we’ve been hearing a lot about on the news: the practice of ATM fraud and the implications for other swipe- and chip-based technologies.

How to Prepare for Cyber Security Orchestration

Sophisticated attacks and a siloed IT ecosystem have prompted the rise of orchestration and automation. Security architects and professionals must learn how to prepare for, and deploy, SOAR technology.

Terrorism in the Pharmaceutical Industry

Managing the converged threat of cyber and physical attacks.

HIPAA Incident Management

How a hospital’s multi-million dollar fine could have been avoided.

SOAR Like An Eagle: The Key to Fast, Full-Lifecycle Incident Response

SOCs need orchestration and automation to contextualize alerts and speed threat investigation. But that’s not all: ‘SOAR’ can also be used across the full incident response lifecycle. Learn more in this webinar from ESG and D3 Security.

D3 + ThreatQuotient

Automated threat intelligence enrichment for every cybersecurity incident.

Incident Response in the Energy Industry

A recent study shows that cyber-attacks against the energy industry are on the rise.

Guided Investigations Solution Guide

Ensuring consistency, efficiency, and defensibility.

The CyberWire Podcast- Cybersecurity Vulnerabilities in Public Transport

In today’s podcast, we talk about what the Five Eyes see. Implications of North Korean responsibility for WannaCry. Defense and deterrence go with naming and shaming.

Financial Crime Case Management

Streamlining security, investigations, and audits.

Save Time with VirusTotal & DomainTools

Using automated threat intelligence lookups to enrich incident reports.

Next-Generation Threat Management Webinar

In this webinar, the former CISO of British Telecom and the Commander of US Coast Guard Cyber Command explore with D3 Security how enterprises can bring security, risk and compliance together in order to change the way they think about, and respond to, cyber security threats.

Next-Generation Threat Management

Security, risk, and compliance through incident management.

Why Public Transit Could be the Next Big Cyberattack Target

How leading transportation systems can prepare their response.

ATM Security

Incident response, compliance, and anti-fraud solutions.

Go Beyond Incident Response

In this webinar, a panel of cyber security experts from the Chertoff Group and D3 Security discuss how finding the sources of incidents, and implementing corrective action, are critical to reducing event volume and risk to the organization.

AMD Case Study

How D3 helps AMD manage security incidents across its facilities.

University of Pittsburgh Medical Center Case Study

Learn how UPMC uses D3’s incident management platform across its 20+ hospitals and 55,000 employees.

Go Transit Metrolinx Case Study

How one of North America’s largest public transit systems relies on D3 for incident management, situational awareness, and dispatching.

Your Ticketing System Falls Short of IR

The importance of purpose-built incident response technology.

Using Threat Intelligence to Improve IR

The importance of integrating threat intelligence into incident response processes.

Improve SIEM and Cyber Resilience

Enhance your SIEM with D3’s bi-directional integrations.

St. Lawrence College Case Study

How St. Lawrence College uses D3 to centralize and modernize incident management.

Learn more about how security orchestration, automation, and incident response affect your organization, and what D3 can do to help.

SINK or SOAR! The Benefits of SOAR for MSPs

2020 Gartner® Market Guide for Security Orchestration, Automation & Response Solutions

How to Do Real-Time Vulnerability & Threat Remediation

Digital Shadows + D3 SOAR

ThreatWorx + D3 SOAR

Take Action On External Threats with SOAR and TIP

Forrester and D3 Security Debate the Future of SOAR

Gartner® Report: Emerging Technologies and Trends Impact Radar: Security

XGEN SOAR Event Pipeline

How to Slash Incidents by 90%

10 Golden Rules for SOAR

The SOC Analyst’s Guide to SOAR

The MSSP’s Guide to SOAR

XGEN SOAR Key Features Guide

The CISO’s Guide to SOAR

How the Principles of the Navy SEALs Can Improve Your Use of SOAR

The Top SOAR Playbooks You’ll Need in 2022

ZeroFOX + D3 SOAR

SOAR Playbooks for the Remote Work Era

SANS 2021 Automation and Integration Survey

The ROI of D3 XGEN SOAR

TTP-Based Threat Hunting

Form-Based vs. Playbook-Based SOAR Platforms

Gartner: When Should a SOC Include NOC Functions and Responsibilities?

10X: Real-World SOAR Case Study

KuppingerCole Leadership Compass for SOAR Solutions

MSSP Case Study

Security & Reliability Concerns for SOAR Buyers

AttackIQ + D3 SOAR

Investigating and Responding to the SunBurst Malware Attack

How D3 Measures Up to Gartner’s SOAR Requirements

The State of GDPR & How SOAR Can Help

NextGen SOAR Product Guide

Creating Value and ROI Through D3 NextGen SOAR

Digital Forensics Case Management

Zscaler + D3 SOAR

MSSP SOAR Buyer’s Guide

RSA NetWitness + D3 SOAR

5 Playbooks for the Remote Work Era

SOAR Best Practices Research from Frost & Sullivan

MITRE ATT&CK For Dummies

Introducing Next-Generation SOAR

Rapid7 + D3 SOAR

Overcoming the Cybersecurity Skills Gap

NextGen SOAR Buyer’s Guide

Elasticsearch + D3 SOAR

Azure Sentinel + D3 SOAR

Datadog + D3 SOAR

LogRhythm + D3 SOAR

Check Point + D3 SOAR

Chronicle + D3 SOAR

SOAR Benefits and FAQs

D3’s Codeless Playbooks

D3 SOAR for MSSPs

IBM QRadar + D3 SOAR

COVID-19 Pandemic Response Tool

D3 SOAR for Hybrid Environments

Four Ways to Leverage MITRE ATT&CK in Your Security Operations

Monitor Module Overview: Bringing MITRE ATT&CK into SOAR

SOAR Platform Comparison

SIEM Alert Enrichment with D3 SOAR

SOAR in the Real World Survey

D3 SOAR for Threat Hunting

Active Directory + D3 SOAR

MaxMind + D3 SOAR

Tenable + D3 SOAR

Jira Service Desk + D3 SOAR

ServiceNow + D3 SOAR

Lastline + D3 SOAR

Microsoft + D3 SOAR

Partner Program Overview

CrowdStrike + D3 SOAR

Use This Guide for a Successful SOAR PoC

MITRE ATT&CK Framework Spreadsheet

What Makes D3 SOAR Different?

Breach Response Template

Public Sector Case Study

Manufacturing Case Study