D3 Security: Incident Response and Management Software

SOAR in the Real World Survey

We collected the thoughts of more than 300 security professionals to learn how SOAR is actually used in the real world, how it is perceived by those who don’t yet use it, and why organizations are turning to SOAR.

D3 SOAR for Threat Hunting

D3’s embedded MITRE ATT&CK matrix and powerful orchestration features enable advanced threat hunting.

Active Directory + D3 SOAR

D3’s integration with Active Directory brings detailed employee information into the SOC for efficient analysis of, and response to, a wide range of security incidents.

MaxMind + D3 SOAR

D3’s integration with MaxMind enables automated enrichment of security events with IP risk scores and geolocations.

Tenable + D3 SOAR

Integrating D3 with Tenable connects vulnerability
scans to your security operations command center.

Jira Service Desk + D3 SOAR

D3’s integrations with Jira Service Desk enable SOC and IT teams to leverage both solutions for collaboration, escalation, and orchestration of important security tasks.

ServiceNow + D3 SOAR

D3’s integrations with ServiceNow’s ITSM module enable SOC and IT teams to leverage both solutions for collaboration, escalation, and orchestration of important security tasks.

Lastline + D3 SOAR

D3’s integration with Lastline brings powerful, AI-based malware analysis, risk scoring, detonation, and threat intelligence into D3’s incident response workflows.

Microsoft + D3 SOAR

D3 pulls aggregated alerts from either Azure Security Center or Microsoft’s Graph API for analysis, enrichment, and automation-powered incident response through D3’s powerful playbooks and orchestration engine.

Partner Program Overview

How D3 works with partners around the world to provide world-class SOAR to clients.

CrowdStrike + D3 SOAR

D3’s integrations with CrowdStrike tools make it the perfect command center for event intake, threat intelligence enrichment, malware analysis, and orchestrating actions across endpoints.

D3 ATTACKBOT

How D3 enables intent-based SOAR by operationalizing the MITRE ATT&CK framework.

Use This Guide for a Successful SOAR PoC

The key insights gained through D3’s experience with SOAR proof-of-concept projects.

MITRE ATT&CK Framework Spreadsheet

The entire MITRE ATT&CK matrix in a convenient, downloadable spreadsheet.

2019 Gartner Market Guide for Security Orchestration, Automation and Response Solutions

Gartner’s findings, recommendations, definitions, and predictions for the SOAR market.

What Makes D3 SOAR Different?

The functional, financial, and technical factors that set D3 SOAR apart.

Breach Response Template

Use this guide to ensure that your data breach presentation is clear, measured, and descriptive.

Public Sector Case Study

Like many government entities, this State Government was facing the huge challenge of streamlining cybersecurity operations across multiple geographically distributed departments and agencies.

Manufacturing Case Study

In 2018, this global pharmaceutical manufacturer had a mature cybersecurity program, but with some substantial gaps regarding incident response.

SOAR 2.0: Redefining SOAR with the MITRE ATT&CK Framework

D3 is evolving its platform to intelligently correlate events using the MITRE ATT&CK framework. We call it SOAR 2.0.

Financial Services Case Study

In 2017, this major international bank reviewed its security, risk management, and compliance processes and came to the conclusion that it needed a SOAR platform.

Advantages of the SOAR-Native SOC

SOAR isn’t just for mature SOCs; in fact, there are many advantages to having SOC from day one.

FireEye + D3 SOAR

D3’s App for FireEye allows you to streamline SecOps
and IR workflows, reduce manual coordination, and
augment the power of your existing tools.

Healthcare Case Study

Following a significant data breach that cost them millions of dollars, this multi-state healthcare system wanted to rebuild their security operations from the ground up, bringing incident response and digital forensics fully in-house.

Fortinet + D3 SOAR

D3’s robust out-of-the-box integration with all Fortinet tools provides security teams with seamless security incident and data breach response.

SANS Automation & Integration Survey 2019

This D3-sponsored report takes answers from more than 200 security professionals to form a picture of the present and future of automation.

Symantec + D3 SOAR

D3’s App for Symantec allows you to streamline SecOps and IR workflows, reduce manual coordination, and fully leverage existing tool investments.

Splunk + D3 SOAR

D3 acts as a unified dashboard for analysis and investigation of Splunk events, enriching notable events with contextual data, threat intelligence, and historical incident data.

Palo Alto + D3 SOAR

D3 integrates with Palo Alto tools to orchestrate response workflows that include threat intelligence enrichment, malware analysis, firewall blacklists, and more.

Micro Focus + D3 SOAR

D3 acts as a unified dashboard for analysis and investigation of ArcSight ESM events, enriching correlated events with contextual data, threat intelligence, and historical incident data.

Cisco + D3 SOAR

D3’s Cisco integrations allow you to streamline SecOps and IR workflows, reduce manual coordination, and fully leverage existing tool investments.

Carbon Black + D3 SOAR

D3’s App for Carbon Black automates and orchestrates workflows for endpoint protection, threat hunting, compliance, and incident response.

How to Deploy SOAR

Organizations’ interest in SOAR platforms has never been higher, but many don’t know what is required for deployment. This whitepaper provides a step-by-step process to get started.

Join Our Weekly SOAR Demo

Introduction to D3 Security

New to D3? New to SOAR? Learn how the D3 SOAR Platform provides connective tissue for your SOC with automated incident response playbooks that save your organization considerable time and money.

McAfee ESM + D3 SOAR

D3 and McAfee have joined forces to combine McAfee ESM with the D3 SOAR Platform.

Before You SOAR

Based on D3’s experience with hundreds of successful security operations and incident response deployments, we’ve outlined five actions that you can take to get your organization ready for this powerful technology.

2018 SINET Innovator Award Presentation

The Security Innovation Network (SINET) named D3 one of the most innovative cyber security companies in the world. Learn what makes D3 an innovator in this presentation from the SINET gala in Washington, DC.

SOAR to Security Automation Quick Wins

SecOps experts from Securosis and D3 Security demonstrate how to get ‘quick wins’ from security automation, without losing sight of long-term value.

SOAR Buyer’s Guide

Our SOAR Buyer’s Guide will help you ask the right questions when assessing vendors and implementing SOAR tools.

How D3 Measures Up to Gartner’s SOAR Requirements

One platform to improve security operations efficiency, quality, and efficacy with SOAR tools.

How to Prepare for Cyber Security Orchestration

Sophisticated attacks and a siloed IT ecosystem have prompted the rise of orchestration and automation. Security architects and professionals must learn how to prepare for, and deploy, SOAR technology.

Terrorism in the Pharmaceutical Industry

Managing the converged threat of cyber and physical attacks.

HIPAA Incident Management

How a hospital’s multi-million dollar fine could have been avoided.

The Ultimate Incident Response Buyer’s Guide

What to look for when selecting an incident response platform.

SOAR Like An Eagle: The Key to Fast, Full-Lifecycle Incident Response

SOCs need orchestration and automation to contextualize alerts and speed threat investigation. But that’s not all: ‘SOAR’ can also be used across the full incident response lifecycle. Learn more in this webinar from ESG and D3 Security.

D3 + ThreatQuotient

Automated threat intelligence enrichment for every cybersecurity incident.

Incident Response in the Energy Industry

A recent study shows that cyber-attacks against the energy industry are on the rise.

GDPR Compliance Report

According to the Cybersecurity Insiders 2018 GDPR Compliance Report, most organizations are not prepared for GDPR.

HR Case Management Solution Guide

Empowering HR teams to enforce the highest standards for workplace misconduct.

GDPR Compliance — 10 Ways An IRP Can Help

Most organizations are not prepared for GDPR compliance. An incident response platform can help out in significant ways.

Cyber Incident Response Product Guide

D3’s SOAR platform combines the best of automation, orchestration, incident response, and case management.

Guided Investigations Solution Guide

Ensuring consistency, efficiency, and defensibility.

The Wave of Change – Improving HR Case Management

Empowering zero tolerance policies for workplace misconduct.

Financial Crime Case Management

Streamlining security, investigations, and audits.

Key Findings from Five Major Cybersecurity Reports

What recent reports tell us about the present and future of automation and orchestration.

Save Time with VirusTotal & DomainTools

Using automated threat intelligence lookups to enrich incident reports.

Next-Generation Threat Management Webinar

In this webinar, the former CISO of British Telecom and the Commander of US Coast Guard Cyber Command explore with D3 Security how enterprises can bring security, risk and compliance together in order to change the way they think about, and respond to, cyber security threats.

Ransomware Report 2017 — Cybersecurity Insiders

Most organizations are not prepared to protect themselves against ransomware.

Next-Generation Threat Management

Security, risk, and compliance through incident management.

Saving Valuable Time With Incident Response Automation

Increase your incident response efficiency with automation and orchestration.

Legal Collaboration in Cybersecurity Incident Response

How to manage incidents with legal implications.

Why Public Transit Could be the Next Big Cyberattack Target

How leading transportation systems can prepare their response.

Protecting IP in the Pharmaceutical Industry

Incident response strategies for prioritizing intellectual property protection.

ATM Security

Incident response, compliance, and anti-fraud solutions.

Finding the Root Cause of an FTC Data Security Lawsuit

Lessons for using risk assessments to reduce risk and liability.

Quantify Your Corporate Culture – Managing HR Risk

Five best practices for HR investigations in the era of brand protection.

Empowering Hospitals in the Fight Against Ransomware

Exploring the tools and tactics that hospitals can use to protect against ransomware attacks.

Go Beyond Incident Response

In this webinar, a panel of cyber security experts from the Chertoff Group and D3 Security discuss how finding the sources of incidents, and implementing corrective action, are critical to reducing event volume and risk to the organization.

AMD Case Study

How D3 helps AMD manage security incidents across its facilities.

University of Pittsburgh Medical Center Case Study

Learn how UPMC uses D3’s incident management platform across its 20+ hospitals and 55,000 employees.

Go Transit Metrolinx Case Study

How one of North America’s largest public transit systems relies on D3 for incident management, situational awareness, and dispatching.

Your Ticketing System Falls Short of IR

The importance of purpose-built incident response technology.

Using Threat Intelligence to Improve IR

The importance of integrating threat intelligence into incident response processes.

The EU’s GDPR Law

Incident handling procedures to comply with GDPR timelines.

Overcoming the IT Skills Gap

How automation and orchestration can help overcome a lack of experienced cybersecurity personnel.

Improve SIEM and Cyber Resilience

Enhance your SIEM with D3’s bi-directional integrations.

St. Lawrence College Case Study

How St. Lawrence College uses D3 to centralize and modernize incident management.

Benefits of a Unified IR Platform

Why organizations need solutions that bring together SIEM, threat intelligence, and incident response.

SOAR in the Real World Survey

D3 SOAR for Threat Hunting

Active Directory + D3 SOAR

MaxMind + D3 SOAR

Tenable + D3 SOAR

Jira Service Desk + D3 SOAR

ServiceNow + D3 SOAR

Lastline + D3 SOAR

Microsoft + D3 SOAR

Partner Program Overview

CrowdStrike + D3 SOAR

D3 ATTACKBOT

Use This Guide for a Successful SOAR PoC

MITRE ATT&CK Framework Spreadsheet

2019 Gartner Market Guide for Security Orchestration, Automation and Response Solutions

What Makes D3 SOAR Different?

Breach Response Template

Public Sector Case Study

Manufacturing Case Study

SOAR 2.0: Redefining SOAR with the MITRE ATT&CK Framework

Financial Services Case Study

Advantages of the SOAR-Native SOC

FireEye + D3 SOAR

Healthcare Case Study

Fortinet + D3 SOAR

SANS Automation & Integration Survey 2019

Symantec + D3 SOAR

Splunk + D3 SOAR

Palo Alto + D3 SOAR

Micro Focus + D3 SOAR

Cisco + D3 SOAR

Carbon Black + D3 SOAR

How to Deploy SOAR

Join Our Weekly SOAR Demo

Introduction to D3 Security

McAfee ESM + D3 SOAR

Before You SOAR

2018 SINET Innovator Award Presentation

SOAR to Security Automation Quick Wins

SOAR Buyer’s Guide

How D3 Measures Up to Gartner’s SOAR Requirements

How to Prepare for Cyber Security Orchestration

Terrorism in the Pharmaceutical Industry

HIPAA Incident Management

The Ultimate Incident Response Buyer’s Guide

SOAR Like An Eagle: The Key to Fast, Full-Lifecycle Incident Response

D3 + ThreatQuotient

Incident Response in the Energy Industry

GDPR Compliance Report

HR Case Management Solution Guide

GDPR Compliance — 10 Ways An IRP Can Help

Cyber Incident Response Product Guide

Guided Investigations Solution Guide

The Wave of Change – Improving HR Case Management

Financial Crime Case Management

Key Findings from Five Major Cybersecurity Reports

Save Time with VirusTotal & DomainTools

Next-Generation Threat Management Webinar

Ransomware Report 2017 — Cybersecurity Insiders

Next-Generation Threat Management

Saving Valuable Time With Incident Response Automation

Legal Collaboration in Cybersecurity Incident Response

Why Public Transit Could be the Next Big Cyberattack Target

Protecting IP in the Pharmaceutical Industry

ATM Security

Finding the Root Cause of an FTC Data Security Lawsuit

Quantify Your Corporate Culture – Managing HR Risk

Empowering Hospitals in the Fight Against Ransomware

Go Beyond Incident Response

AMD Case Study

University of Pittsburgh Medical Center Case Study

Go Transit Metrolinx Case Study

Your Ticketing System Falls Short of IR

Using Threat Intelligence to Improve IR

The EU’s GDPR Law

Overcoming the IT Skills Gap

Improve SIEM and Cyber Resilience

St. Lawrence College Case Study

Benefits of a Unified IR Platform

Stay up to date with D3!