Security Orchestration, Automation and Response (SOAR) has emerged as a practical new concept in cybersecurity over the past few years, and one of the vendors in the space is Siemplify.
Since its launch in 2015, the company has established its platform, which it calls an “intuitive workbench that enables security teams to manage their operations from end to end, respond to cyber threats with speed and precision and get smarter with every analyst interaction.”
Dennis Shaya is GM and head of US operations, and talking to Infosecurity recently, he said the company is “in the bullseye of SOAR” and when the company launched in 2015 the category didn’t exist. He said the company and SOAR came about as security analysts were overwhelmed with data and alerts, “combined with tools that do not talk to each other and do not operate effectively.
“Now enter Siemplify, and we like to position ourselves as the workbench so a security analyst can do their job, and that includes a variety of abilities from security orchestration to automation, to the low level tasks,” he said. “We connect the dots across the ecosystem and create this broad portfolio; we automate a wide variety of enrichment and low level triaged tasks, and then we arm the analyst with necessary context in understanding any given threat for them to investigate, remediate and take action in a fraction of the time it takes today.”
He said the process of SOAR begins with bringing data together, where processes can be automated to eliminate noise and the triage of alerts where too much time is spent. “It is two-fold: weeding out information and elevating what is important and providing the context to make decisions much quicker.”
Have the changes to the way organizations work in 2020 impacted the company and the way it works itself? Shaya said there is “an insatiable appetite for our security teams to drive efficiency, effectiveness and productivity” and SOAR is at the center of that appetite. However, in 2020, whilst companies “double down on security for remote activity and with an aggressive push to the cloud, SOAR is at the epicenter of that, so we’re benefiting from some pretty strong tailwinds.”
“The best partnerships are born out of mutual customer demand and value”
Lat week, Siemplify announced a partnership with Check Point, which will involve Check Point reselling Siemplify as its go-to soar solution for all global customers and partners and Siemplify integrating with the Check Point solutions. The companies claimed this would “give security operation center (SOC) teams a single, unified workbench for identifying, triaging and blocking threats with unrivaled speed and efficiency.”
Asked how this partnership came about, Shaya said “the best partnerships are born out of mutual customer demand and value.” He explained the two companies “enhance the value of the joint solution for customers, and that joint value proposition drove this partnership.”
He said that with SOAR sitting inside the security stack, and considering the diverse set of security tools which Check Point offers, there was a natural partnership. “From firewalls to sandboxing and threat intelligence and to some of their most recent moves into cloud enablement we see this as tremendously beneficial considering the global reach of Check Point,” Shaya added.
Eran Orzel, Check Point head of strategic sales and partnerships, said SOAR “complements our Infinity consolidated security architecture,” and that adding Siemplify’s SOAR solution alleviates some of the most pressing SOC challenges that its customers are experiencing.
In particular, the two companies said, as well as the integration enabling better alert handling, automated playbooks in the Siemplify platform integrate with Check Point solutions to automate firewall audits and remediate any rule violations, freeing up SOC analysts to concentrate on higher-order tasks. Also, the integration gives SOC teams access to Check Point SandBlast network threat prevention for automated malware analysis and remediation with the industry’s best malware catch rate.
Shaya concluded said this is a strategic move for Siemplify, “and the opportunity for us is tremendous, and the opportunity and value we provide together to customers is the benefit of best of breed technology.”