Automated Threat Mitigation (ATM)

There is a time delay between the threat detection and an adequate response due to the need to analyze each alert and event and the adherence to the communication workflow between the departments concerned, which manage different tools. Synapsa receives syslog message from detection tools and Interconnector takes all necessary steps. It automatically recognizes triaged event and mitigates threat or allow to Security Operation ‘one click’ threat blocking on devices which are not in their administration based on predefined rules.At the end, IT and Security Operation teams receive the report and forensics can be executed.

Incident response is a critical, time-sensitive activity, and in virtually all organizations security analyst time is scarce. It is impossible to manually review and investigate all alerts from modern security tools. Synapsa allows to use event collection based on syslog, webhook or even plain text, triage it, double check with integrated lookup services using external or internal Threat Intelligence sources and based on predefined rules runs the incident response tasks automatically. It significantly reduces time to execution, mitigates a critical incident, preventing malware from spreading or stopping attackers from doing any more damage.

Cyber threat or attacker recognition

icon

Automatic or On-Approval mitigation

icon

Immediate result notification

icon

This website use cookies and analytical data. In case you agree with that please click on the "I agree" button bellow. Details can be found on a page Information for the processing of personal data.