Sometimes there’s no way around the need for human analysis, but that does not mean you can’t lend your analysts a hand. You can save them time and accelerate alert triage and incident response by collecting data from other internal tools, gathering threat intelligence around an indicator in question (such as an IP address, URL, or file hash), and automating other mundane tasks that take up your analysts’ precious time.
Incident Response Case/Ticket Management Automation
The LogicHub platform includes a built-in case management solution for incident tracking and triage, including a new ability to configure case types with automatic response commands (with configurable trigger and approval criteria).
Prefer your existing case management solution? LogicHub integrates with a large number of popular incident management solutions already, such as ServiceNow and Jira. Leverage the tribal knowledge of your SOC analysts to include steps to create, search, update, and even close cases automatically within your automation playbooks.
Automated SMS User Interaction
There are lots of ways to detect unusual user behavior, but unusual does not always mean bad. It can be difficult (perhaps impossible) to tell the difference between a real user’s benign change of behavior and a change resulting from a compromised account. What if you could simply ask the user about what’s behind the change?
Using an integration with a third-party SMS service (Twilio), LogicHub can notify a user of suspicious activity via SMS and ask whether they performed the suspicious action in question. Based on your user’s response (or lack thereof), a variety of actions can be taken, such as escalating to the user’s manager, generating an incident with the SOC or fraud team, or even disabling the account until the user is reached or an investigation is concluded.
Customers Tell Our Story Best
SOAR+ is the product of customer feedback. LogicHub would not be here if it weren’t for our customers and our community of thought leaders, who help us every day to make our platform the best it can be. We could not ask for a more loyal and generous community.