IT and Security Operation Automation

All functionality is available hassle-free from the GUI, with no scripting skills required. There is a built-in parser for any data coming from any source (miner). Interconnector allows a syslog message to trigger an action-type script. That script runs with input data extracted from the syslog source (miner) and processes the action (such as an API call or database query) immediately, in real time. An action can be processed automatically or semi-automatically (requiring human approval).

How does it work?

Interconnector Scheme

The typical use case is to extract values from syslog and use them as data for API calls during incident handling procedures.

Speed up mitigation time 10x

Legacy manual process

  1. Detection tool sends a malicious IP address to the Security Operation Center
  2. SOC analyst has to manually verify the IP address against Cyber Threat Intelligence services such as VirusTotal, the MISP database, etc.
  3. If the IP address is reported as malicious or a part of an attacker kit, it will be blocked by a firewall based on manual administrator reconfiguration

This process takes minutes and there is a risk of human error.
SOC analysts manage tens of similar repetitive tasks on a daily basis and struggle with change management overload.

Synapsa Interconnector automation process

  1. Detection tool sends a malicious IP address to Synapsa Interconnector
  2. Synapsa automatically verifies the IP address against Cyber Threat Intelligence services such as VirusTotal, the MISP database, etc.
  3. Synapsa automatically triggers the appropriate action to the mitigation device

This process takes milliseconds, without the risk of human error or change management overload.
Synapsa has no alert fatigue, no analyst burnout and works 24/7.
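The three automated steps above, sketched as an added example (this is not Synapsa's code): a value is extracted from a syslog line, validated, checked against threat intelligence, and routed to an automatic block or to human approval. The log format, the CTI score table, the thresholds and the protected ranges are constructed assumptions.

```python
import ipaddress
import re

# Constructed sample data: not real detections or real threat-intel verdicts.
SAMPLE_SYSLOG = [
    "<134>Mar  3 10:15:02 ids01 detect: event=scan src=203.0.113.45 dst=10.0.0.5",
    "<134>Mar  3 10:15:09 ids01 detect: event=scan src=10.0.0.77 dst=10.0.0.5",
    "<134>Mar  3 10:15:11 ids01 detect: event=beacon src=198.51.100.9 dst=10.0.0.8",
    "<134>Mar  3 10:15:20 ids01 detect: event=scan src=999.1.1.1 dst=10.0.0.5",
]
CTI_SCORES = {"203.0.113.45": 92, "198.51.100.9": 55}  # stand-in for a CTI lookup
# Ranges that automation must never block (hypothetical: internal + partner net).
PROTECTED = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "192.0.2.0/24")]
AUTO_BLOCK, NEEDS_APPROVAL = 80, 40  # hypothetical score thresholds

SRC_RE = re.compile(r"\bsrc=(\S+)")


def decide(line):
    """Return (ip, decision) for one syslog line; ip is None if unusable."""
    match = SRC_RE.search(line)
    if not match:
        return None, "ignore"
    try:
        ip = ipaddress.ip_address(match.group(1))
    except ValueError:
        return None, "ignore"  # malformed value never reaches the firewall
    if any(ip in net for net in PROTECTED):
        return str(ip), "skip-protected"
    score = CTI_SCORES.get(str(ip), 0)
    if score >= AUTO_BLOCK:
        return str(ip), "auto-block"  # fully automated path
    if score >= NEEDS_APPROVAL:
        return str(ip), "pending-approval"  # semi-automated path
    return str(ip), "no-action"


def build_feeds(lines):
    """Return (block list for the firewall feed, queue awaiting approval)."""
    block, pending = set(), set()
    for line in lines:
        ip, decision = decide(line)
        if decision == "auto-block":
            block.add(ip)
        elif decision == "pending-approval":
            pending.add(ip)
    return sorted(block), sorted(pending)


if __name__ == "__main__":
    print(build_feeds(SAMPLE_SYSLOG))
```

Validating the extracted value and checking it against protected ranges before any action is what keeps a spoofed or malformed log field from turning the automation into a self-inflicted outage.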


Synapsa Interconnector - Built-in integrations

The list is never final. We are constantly developing new integrations.
Palo Alto
  • Next Generation Firewall
  • Predefined API calls for automated threat mitigation, incident response, and firewall policy auditing
  • Custom, miner-based and built-in data feeds to use external dynamic lists (EDL) for policy management and enforcement
  • Fully automated or semi-automated rulesets deployment
  • CVE monitoring and alerting
Flowmon ADS
  • Network Detection and Response, Anomaly Detection System
  • Predefined miner for network cyber threats and anomalies
  • Prepared parsers for automated threat mitigation and incident response based on security events detection
  • Automated creation of IP address data feeds for external dynamic lists usage
Check Point
  • Next Generation Firewall with management server
  • Predefined API calls for automated threat mitigation, incident response and firewall policy auditing
  • Custom, miner-based and built-in data feeds to use external dynamic lists for policy management and enforcement
  • Fully automated or semi-automated rulesets deployment
Fortinet
  • Next Generation Firewall - FortiGate and FortiManager
  • Predefined API calls for automated threat mitigation, incident response and firewall policy auditing
  • Custom, miner-based and built-in data feeds to use external dynamic lists for policy management and enforcement
  • Fully automated or semi-automated rulesets deployment
Suricata
  • Intrusion Detection System
  • Predefined miner for signature-based IoCs
  • Prepared parsers for automated threat mitigation and incident response based on security events detection
  • Automated creation of IP address data feeds for external dynamic lists usage
Sophos
  • Firewall
  • Predefined API calls for automated threat mitigation and incident response
  • Fully automated or semi-automated rulesets deployment
