CORTEX XSOAR
Cortex XSOAR is a comprehensive SOAR platform that automates and standardizes security processes for faster response times and increased team productivity.
SyntheticSun is a defense-in-depth security automation and monitoring framework that utilizes threat intelligence, machine learning, managed AWS security services, and serverless technologies to prevent, detect, and respond to threats. It uses event- and time-based serverless automation to collect, normalize, enrich, and correlate security telemetry in Kibana. It leverages threat intelligence, geolocation data, open-source intelligence, machine learning (ML) backed anomaly detection, and AWS APIs to identify potential threats. Additionally, it utilizes Random Cut Forests (RCF) and IP Insights unsupervised ML algorithms to identify anomalies in timeseries and IP-entity pair data. It dynamically updates AWS WAFv2 IP Sets and Amazon GuardDuty threat intel sets to enhance protection against known threats.
Cortex XSOAR is a comprehensive SOAR platform that automates and standardizes security processes for faster response times and increased team productivity.
A mature SIEM environment is critical for successful SOAR implementation.
CimSweep is a suite of CIM/WMI-based tools for incident response and hunting operations on Windows systems without the need to deploy an agent.
A Serverless Security Orchestration Automation and Response (SOAR) Framework for AWS GuardDuty with various supported actions.
A System for Abuse- and Incident Handling with log file analysis capabilities.
CrowdStrike Falcon Orchestrator is a Windows-based application for workflow automation and security response.