We have implemented SOAR – how does Mandiant Automated Defense fit?
Security engineering teams can program
SOAR platforms to automate analyst tasks, i.e., data collection,
correlation, enrichment, and assisting in responding to low-level,
repetitive security events. Automated Defense is pre-built software
that automates the analysis, investigation, and triage 'at the front
line' of security decision-making, vetting all events before the SOAR
needs to take action. Automated Defense is ready to work on day one,
with no programming required, and elevates security teams to
remediation and response activity. Automated Defense integrates with
the leading SOAR systems sending incidents and supporting evidence to
the SOAR for automated remediation.