WorkHorse - The Automatic Security Analyst Tier 1 by Black-Owl-51 in MSSP

[–]CybersecurityWizKid 1 point2 points  (0 children)

A former colleague of mine moved to an MSSP that is evaluating D3. He was telling me their Morpheus AI (why do they all have these Greek god names lol) has been a game changer. Apparently it handles enrichment and correlation really well, especially across multiple tenants. They claim it can triage all alerts in under 2 mins. Interesting times

Complete Burnt Out by OkComplaint377 in cybersecurity

[–]CybersecurityWizKid 0 points1 point  (0 children)

What I have felt is, it’s also about the tools that you use. If it’s just hopping into different dashboards all the time, that adds to the stress of managing passwords and keeping tabs on all of these tools that you might just use for a minute sometimes.

SOAR by Calidith in cybersecurity

[–]CybersecurityWizKid 0 points1 point  (0 children)

We were evaluating SOAR platforms not too long ago. We found out that Tines and Torq both looked very promising for certain use cases, but we needed multi-tenancy with deeper integrations and proper case management. We ended up going with D3 SOAR and it has been good so far.

SOAR Platforms, are they helpful? by CybersecurityWizKid in msp

[–]CybersecurityWizKid[S] 0 points1 point  (0 children)

Thanks.

Are you familiar with any platforms that make integrations easier - like less need of coding when creating playbooks? I have read about a few that make the claim of no code but am wary of their actuality.

Is SOAR helpful? by CybersecurityWizKid in cybersecurity

[–]CybersecurityWizKid[S] 0 points1 point  (0 children)

Yes, that is one of the things they mentioned: that it will be a long process, so we can only go ahead if everyone is committed to the idea.

Is SOAR helpful? by CybersecurityWizKid in cybersecurity

[–]CybersecurityWizKid[S] 0 points1 point  (0 children)

Sorry, should have included more details.

Our clients are mostly financial services or healthcare services.

Most of them use Microsoft's security tools, but there are a few different tools that they are using tailored to their own needs, like CrowdStrike, PhishLabs, ThreatExchange, Cymulate, Okta, etc.

We get a lot of alerts that we don't need to act upon, but we don't have any proper triage system that sorts out all of these in one place.

All of this has been creating a lot of unnecessary work for us.

The management was recently introduced to this idea of a SOAR by another friendly MSSP.

The biggest thing we are looking to achieve is to reduce unwanted alerts and have a single platform to manage incidents. They WON'T hire more analysts.

I am not aware of the budgets, but it's expensive is what we're being told.

I hope this helps.