D3 Security: Incident Response and Management Software

Form-Based vs. Playbook-Based SOAR Platforms

There are two major types of SOAR platforms. Learn which one is right for you, and why the differences might not be obvious during a POC.

Gartner: When Should a SOC Include NOC Functions and Responsibilities?

SOC and NOC teams rely on each other and share data, tools and skill sets. Security leaders should read this research note to help evaluate or prepare for a joint SOC-NOC model, in which SOAR can be used for security and IT operations use cases.

FinTech Case Study

Learn how this global FinTech company increased their alert handling speed by 10X.

KuppingerCole Leadership Compass for SOAR Solutions

A head-to-head evaluation of 12 leading SOAR vendors from the analyst group KuppingerCole.

MSSP Case Study

Learn how this MSSP improved the services they provide their clients while improving their own profit margins by centralizing their operations through D3 SOAR.

Security & Reliability Concerns for SOAR Buyers

Six areas in which the wrong SOAR platform can compromise your security operations.

AttackIQ + D3 SOAR

D3 and AttackIQ work together to run attack simulations and orchestrate follow-up actions from D3 playbooks.

Investigating and Responding to the SunBurst Malware Attack

The SunBurst malware attack has left security teams scrambling. Learn how D3 NextGen SOAR can help.

How D3 Measures Up to Gartner’s SOAR Requirements

Find out how D3 maps successfully to all of Gartner’s SOAR recommendations, offering a comprehensive end-to-end solution for SOCs and security leaders around the world.

The State of GDPR & How SOAR Can Help

GDPR non-compliance can be an expensive mistake. Learn how SOAR can help you avoid major fines.

NextGen SOAR Product Guide

NextGen SOAR has arrived. Learn why it’s different and what it means for your organization.

Gartner’s Market Guide for Security Orchestration, Automation & Response Solutions

Gartner’s research on security orchestration solutions.

Creating Value and ROI Through D3 NextGen SOAR

An executive-level view of how D3 SOAR can streamline and improve security, while making spending more efficient.

Digital Forensics Case Management

D3 gives digital forensic, eDiscovery and IR investigators a web-based case management system with fully configurable modules.

Zscaler + D3 SOAR

D3 SOAR and Zscaler solve common security operations problems by integrating cloud security tools with powerful automated incident response.

MSSP SOAR Buyer’s Guide

In this buyer’s guide, you’ll get a complete playbook for how to evaluate SOAR platforms for your MSSP.

RSA NetWitness + D3 SOAR

D3 acts as a unified dashboard for analysis and investigation of RSA NetWitness Platform alerts, enriching incoming alerts with correlated MITRE ATT&CK matrix techniques, threat intelligence, and historical incident data.

5 Playbooks for the Remote Work Era

SOAR Playbooks are crucial during pandemics because they mitigate disruption, triage fast-moving events and reduce manual processing.

SOAR Best Practices Research from Frost & Sullivan

Best Practices research from Frost & Sullivan explores the SOAR market and key vendors.

MITRE ATT&CK For Dummies

Learn how to leverage the world’s most comprehensive knowledgebase of cyber adversary tactics and techniques in this exclusive e-book.

Introducing Next-Generation SOAR

In this live webinar event, D3 Director of Cyber Security Stan Engelbrecht introduces Next-Generation SOAR—a significant evolution from SOAR “1.0” with MITRE ATT&CK automation, enhanced threat intelligence, and fully codeless playbooks and integrations.

Rapid7 + D3 SOAR

The combined capabilities of D3 SOAR and Rapid7 create stronger cloud security, vulnerability management, and incident response automation.

Overcoming the Cybersecurity Skills Gap

How automation and orchestration can help overcome a lack of experienced cybersecurity personnel.

NextGen SOAR Buyer’s Guide

Our SOAR Buyer’s Guide will help you ask the right questions when assessing vendors and implementing SOAR tools.

Elasticsearch + D3 SOAR

D3 integrates with Elasticsearch, the search and analytics engine at the heart of the Elastic stack, to ingest alerts and query aggregated data.

Azure Sentinel + D3 SOAR

Through its integration with Sentinel, D3 can act as the security operations hub for cloud or hybrid environments.

Datadog + D3 SOAR

D3’s integration turns Datadog’s comprehensive application and security monitoring data into automation-powered investigations.

LogRhythm + D3 SOAR

D3 acts as a unified dashboard for analysis and investigation of LogRhythm events, enriching them with correlated intelligence.

Check Point + D3 SOAR

The combination of Check Point and D3 SOAR provides the SOC with vastly improved visibility, intelligence and agility.

Chronicle + D3 SOAR

D3’s integration with Chronicle enables a combined analytic and investigative solution that can scale with no added cost.

SOAR Benefits and FAQs

What is SOAR, how does it work, and who is it for? Answer your questions about SOAR technology in this primer.

D3’s Codeless Playbooks

D3’s playbook editor requires no scripting by users, making playbooks easier to build and maintain. Learn how codeless playbooks can benefit your organization.

D3 SOAR for MSSPs

Learn how D3 SOAR helps MSSPs overcome security challenges and enable greater profits.

IBM QRadar + D3 SOAR

D3 acts as a unified dashboard for analysis and investigation of QRadar offenses, enriching alerts and orchestrating responses.

COVID-19 Pandemic Response Tool

D3 has created a tool to help organizations track, report, and respond to cases of COVID-19 in their workforce.

D3 SOAR for Hybrid Environments

D3 is the ideal solution to coordinate security operations for companies with systems both in the cloud and on-premise.

Four Ways to Leverage MITRE ATT&CK in Your Security Operations

The potential value of ATT&CK as a resource is widely acknowledged, but many security teams still struggle to operationalize it effectively.

Monitor Module Overview: Bringing MITRE ATT&CK into SOAR

The Monitor module shows how D3 has revamped its platform to incorporate MITRE ATT&CK.

SOAR Platform Comparison

Learn about the advanced capabilities that set some major SOAR platforms apart from others.

SIEM Alert Enrichment with D3 SOAR

Turn SIEM alerts into intelligent, automation-powered response.

SOAR in the Real World Survey

We collected the thoughts of more than 300 security professionals to learn how SOAR is actually used in the real world, how it is perceived by those who don’t yet use it, and why organizations are turning to SOAR.

D3 SOAR for Threat Hunting

D3’s embedded MITRE ATT&CK matrix and powerful orchestration features enable advanced threat hunting.

Active Directory + D3 SOAR

D3’s integration with Active Directory brings detailed employee information into the SOC for efficient analysis of, and response to, a wide range of security incidents.

MaxMind + D3 SOAR

D3’s integration with MaxMind enables automated enrichment of security events with IP risk scores and geolocations.

Tenable + D3 SOAR

Integrating D3 with Tenable connects vulnerability scans to your security operations command center.

Jira Service Desk + D3 SOAR

D3’s integrations with Jira Service Desk enable SOC and IT teams to leverage both solutions for collaboration, escalation, and orchestration of important security tasks.

ServiceNow + D3 SOAR

D3’s integrations with ServiceNow’s ITSM module enable SOC and IT teams to leverage both solutions for collaboration, escalation, and orchestration of important security tasks.

Lastline + D3 SOAR

D3’s integration with Lastline brings powerful, AI-based malware analysis, risk scoring, detonation, and threat intelligence into D3’s incident response workflows.

Microsoft + D3 SOAR

D3 pulls aggregated alerts from either Azure Security Center or Microsoft’s Graph API for analysis, enrichment, and automation-powered incident response through D3’s powerful playbooks and orchestration engine.

Partner Program Overview

How D3 works with partners around the world to provide world-class SOAR to clients.

CrowdStrike + D3 SOAR

D3’s integrations with CrowdStrike tools make it the perfect command center for event intake, threat intelligence enrichment, malware analysis, and orchestrating actions across endpoints.

Use This Guide for a Successful SOAR PoC

The key insights gained through D3’s experience with SOAR proof-of-concept projects.

MITRE ATT&CK Framework Spreadsheet

The entire MITRE ATT&CK matrix in a convenient, downloadable spreadsheet.

What Makes D3 SOAR Different?

The functional, financial, and technical factors that set D3 SOAR apart.

Breach Response Template

Use this guide to ensure that your data breach presentation is clear, measured, and descriptive.

Public Sector Case Study

Like many government entities, this State Government was facing the huge challenge of streamlining cybersecurity operations across multiple geographically distributed departments and agencies.

Manufacturing Case Study

In 2018, this global pharmaceutical manufacturer had a mature cybersecurity program, but with some substantial gaps regarding incident response.

SOAR 2.0: Redefining SOAR with the MITRE ATT&CK Framework

D3 is evolving its platform to intelligently correlate events using the MITRE ATT&CK framework. We call it SOAR 2.0.

Financial Services Case Study

In 2017, this major international bank reviewed its security, risk management, and compliance processes and came to the conclusion that it needed a SOAR platform.

Advantages of the SOAR-Native SOC

SOAR isn’t just for mature SOCs; in fact, there are many advantages to having SOC from day one.

FireEye + D3 SOAR

D3’s App for FireEye allows you to streamline SecOps
and IR workflows, reduce manual coordination, and
augment the power of your existing tools.

Healthcare Case Study

Following a significant data breach that cost them millions of dollars, this multi-state healthcare system wanted to rebuild their security operations from the ground up, bringing incident response and digital forensics fully in-house.

Fortinet + D3 SOAR

D3’s robust out-of-the-box integration with all Fortinet tools provides security teams with seamless security incident and data breach response.

SANS Automation & Integration Survey 2019

This D3-sponsored report takes answers from more than 200 security professionals to form a picture of the present and future of automation.

Symantec + D3 SOAR

D3’s App for Symantec allows you to streamline SecOps and IR workflows, reduce manual coordination, and fully leverage existing tool investments.

Splunk + D3 SOAR

D3 acts as a unified dashboard for analysis and investigation of Splunk events, enriching notable events with contextual data, threat intelligence, and historical incident data.

Palo Alto + D3 SOAR

D3 integrates with Palo Alto tools to orchestrate response workflows that include threat intelligence enrichment, malware analysis, firewall blacklists, and more.

Micro Focus + D3 SOAR

D3 acts as a unified dashboard for analysis and investigation of ArcSight ESM events, enriching correlated events with contextual data, threat intelligence, and historical incident data.

Cisco + D3 SOAR

D3’s Cisco integrations allow you to streamline SecOps and IR workflows, reduce manual coordination, and fully leverage existing tool investments.

Carbon Black + D3 SOAR

D3’s App for Carbon Black automates and orchestrates workflows for endpoint protection, threat hunting, compliance, and incident response.

SANS Automation & Integration Survey: What’s Next in Automation

In this webcast, attendees will dig deeper to learn how they can overcome their challenges and enhance their automation programs.

How to Deploy SOAR

Organizations’ interest in SOAR platforms has never been higher, but many don’t know what is required for deployment. This whitepaper provides a step-by-step process to get started.

Join Our Weekly SOAR Demo

Introduction to D3 Security

New to D3? New to SOAR? Learn how the D3 SOAR Platform provides connective tissue for your SOC with automated incident response playbooks that save your organization considerable time and money.

McAfee + D3 SOAR

D3 and McAfee have joined forces to combine McAfee ESM with the D3 SOAR Platform.

Before You SOAR

Based on D3’s experience with hundreds of successful security operations and incident response deployments, we’ve outlined five actions that you can take to get your organization ready for this powerful technology.

2018 SINET Innovator Award Presentation

The Security Innovation Network (SINET) named D3 one of the most innovative cyber security companies in the world. Learn what makes D3 an innovator in this presentation from the SINET gala in Washington, DC.

SOAR to Security Automation Quick Wins

SecOps experts from Securosis and D3 Security demonstrate how to get ‘quick wins’ from security automation, without losing sight of long-term value.

InfoSec Institute & D3 Security: ATM, Card Skimming and Other Fraud

On this episode of the InfoSec Institute’s CyberSpeak podcast, Stan Engelbrecht, director of cyber security practice for D3 Security, discusses a scary topic that we’ve been hearing a lot about on the news: the practice of ATM fraud and the implications for other swipe- and chip-based technologies.

How to Prepare for Cyber Security Orchestration

Sophisticated attacks and a siloed IT ecosystem have prompted the rise of orchestration and automation. Security architects and professionals must learn how to prepare for, and deploy, SOAR technology.

Terrorism in the Pharmaceutical Industry

Managing the converged threat of cyber and physical attacks.

HIPAA Incident Management

How a hospital’s multi-million dollar fine could have been avoided.

SOAR Like An Eagle: The Key to Fast, Full-Lifecycle Incident Response

SOCs need orchestration and automation to contextualize alerts and speed threat investigation. But that’s not all: ‘SOAR’ can also be used across the full incident response lifecycle. Learn more in this webinar from ESG and D3 Security.

D3 + ThreatQuotient

Automated threat intelligence enrichment for every cybersecurity incident.

Incident Response in the Energy Industry

A recent study shows that cyber-attacks against the energy industry are on the rise.

Guided Investigations Solution Guide

Ensuring consistency, efficiency, and defensibility.

The CyberWire Podcast- Cybersecurity Vulnerabilities in Public Transport

In today’s podcast, we talk about what the Five Eyes see. Implications of North Korean responsibility for WannaCry. Defense and deterrence go with naming and shaming.

Financial Crime Case Management

Streamlining security, investigations, and audits.

Save Time with VirusTotal & DomainTools

Using automated threat intelligence lookups to enrich incident reports.

Next-Generation Threat Management Webinar

In this webinar, the former CISO of British Telecom and the Commander of US Coast Guard Cyber Command explore with D3 Security how enterprises can bring security, risk and compliance together in order to change the way they think about, and respond to, cyber security threats.

Next-Generation Threat Management

Security, risk, and compliance through incident management.

Why Public Transit Could be the Next Big Cyberattack Target

How leading transportation systems can prepare their response.

ATM Security

Incident response, compliance, and anti-fraud solutions.

Go Beyond Incident Response

In this webinar, a panel of cyber security experts from the Chertoff Group and D3 Security discuss how finding the sources of incidents, and implementing corrective action, are critical to reducing event volume and risk to the organization.