SANS Review: Automating Detection and Response with Swimlane

A SANS Review of Swimlane’s SOAR solution

Most security operations teams are burdened by overwhelming operational tempo and imperfect implementations of technology, people and process. During the past decade, a succession of security solutions packaged as silver bullets has been introduced to harden the enterprise and provide visibility into network and host-based assets. Many organizations sourced and supported these disparate tools from different vendors, which present challenges to seamless security operations detection, analysis and response.

Swimlane offers integration and interoperability across security teams’ tools, providing a centralized user interface for security teams (analysts) to handle alerting, triage, tracking and case management.

This SANS Review highlights the best-in-breed features of Swimlane: its ease of use, customizability, role-based access control and current technology integrations. It puts Swimlane through its paces in a triage of a typical phishing email, applying the concept of componential workflow automation.