The ability for organizations to adapt and customize solutions to fit unique operational needs is critical. fernao magellan GmbH, a leading Managed Security Service Provider (MSSP) in Germany, has demonstrated how leveraging customizable security automation can transform security operations (SecOps). fernao magellan uses Swimlane’s security automation platform to address their challenges, like alert fatigue, siloed tools, and false positive alerts, empower their analysts, and drive unprecedented efficiency in their security operations.
In a recent interview Mike Schneider, senior analyst leading of the computer emergency response team (CERT) at fernao magellan, shared why Swimlane’s security automation platform was the only vendor on the market that could meet their deployment and customization requirements.
Continue reading to discover how fernao magellan customized 140 SOAR use cases in two years, or read the full case study here.
Top Considerations for Choosing a Security Automation Vendor
When Schneider and his team were seeking a security automation solution, Schneider had clear criteria:
- Support for on-prem deployments
- Flexible enough to satisfy diverse client needs and processes
- Trusted by the cybersecurity community
- Easily customizable for internal SecOps team
After careful consideration, Swimlane emerged as the security automation vendor of choice, meeting all these needs and more.
“We needed a security system that could ‘take the trash out’ so we could focus on the alerts that were really serious,” Schneider said. “This solution needed to not only be dependent on the security automation system itself but dependent on the analyst too. We needed a solution that could make use of the experience of our analysts but also automate our processes and give us the main alerts that were serious and we needed to focus on.”
Why No-Code is No Good for fernao magellan
Another key requirement for fernao magellan was a security automation tool that could be used effectively by analysts with advanced coding skills. Swimlane’s security automation platform supports custom Python coding for developers who desire maximum flexibility and high customization. As Schneider pointed out, a no-code solution could never be flexible enough for their needs. The ability to customize Swimlane was essential for maximizing the analysts’ contributions and enhancing overall operational effectiveness.
“When a tool is no-code, it will never be flexible enough,” Schneider stated. It’s just not possible. The ability to use python is essential for the flexibility MSSP needs”.
How Security Automation Enhanced fernao magellans’ Operational Efficiency
With Swimlane, fernao magellan could easily customize reports to meet various customer preferences, enhancing client communication and satisfaction. The platform’s ability to seamlessly automate processes, from alert triage to threat intelligence, streamlined workflows and reduced manual effort. This led to significant time savings, allowing analysts to focus on proactive threat detection and incident response strategies. By utilizing Swimlane’s case management, fernao magellan was able to integrate all of its tools and processes into one system of record.
“Jumping in and out of different tools and platforms is not efficient,” Schneider said. With Swimlane we integrate all of our tools and processes under one single pane of glass.”
140 Customized Use Cases in 2 Years
In less than two years, fernao magellan implemented 140 customized use cases with Swimlane. This enhanced their operational capabilities and efficiency, making them a standout MSSP in the market. Key results included:
- Reduction of false positives: Swimlane’s filtering ensured only important threats were escalated, allowing the team to focus on critical alerts.
- 30% time savings with centralized case management: By integrating enrichment, threat intelligence, and case management into one tool, fernao magellan greatly reduced context switching, and complexity.
- Additional 30-70% time savings per use case: Using automation to close cases instead of the analysts allowed analysts to shift focus from manual tasks to proactive threat detection and incident response.
The Value of a People-First Approach
Swimlane’s reputation among industry peers spoke volumes, making Schneider’s decision easy. However, it is Swimlane’s exceptional support team that truly sets it apart from other vendors. “Whenever we have an issue, it never takes more than 5 minutes to receive the assistance needed,” Schneider said, emphasizing the reliability and effectiveness of Swimlane’s customer support. “I’ve consistently had excellent experiences with Swimlanes customer support.” Schneider’s endorsement of Swimlane highlights the platform’s outstanding support and its transformative impact on their operations.
Fortifying Your Security Operations with Modern SOAR
Join low-code automation expert Jay Spann as he shows you how you can fortify your security operations – both inside and outside the SOC – with modern SOAR.