SOAR Use Case: Automated EDR with Swimlane (38:18)

Endpoint detection and response (EDR) is often performed in an ad hoc, manual and labor-intensive fashion, as analysts are required to toggle between tools to review binaries, sandbox them and perform open source intelligence research. Next in this time-consuming process, analysts have to correlate the information gathered, determine whether the binary is truly malicious, and then decide whether to remediate a host, usually engaging a second team.

Much of this process can be automated with a security orchestration, automation and response (SOAR) solution. Analysts are empowered with a simpler, less labor-intensive process in which they review automatically completed research and can initiate automated remediation.

Watch this webinar to learn from Swimlane’s Jay Spann and Nick Tausek how to build a detailed use case on automated EDR with SOAR.