Integration Combines ARIA SDS with Security Orchestration, Automation, and Response (SOAR) to Deliver Unparalleled Ability to Detect and Stop Network-Borne Attacks
ARIA Cybersecurity Solutions, a CSPi business, delivers a software-defined approach for improved cyber-attack incident response, including threat detection, investigation, attack containment and proactive protection, today announced a product integration with Demisto, a Palo Alto Networks company and leader in security orchestration, automation, and response (SOAR). The integration delivers the unique capability to surgically stop cyber-attacks without taking devices or applications off-line, including IoT and other devices that can’t run agents or EDRs for protection.
The ARIA Software-defined Security (SDS) solution was engineered to work seamlessly with other security tools, such as Demisto’s SOAR offering, through open, restful APIs to orchestrate the security and protection of high-value assets from cyberattacks across an organization’s environment. The ARIA Packet Intelligence application is the ideal complement to Demisto as it provides access to every packet traversing the network which closes a sizable east-west traffic threat surface. ARIA SDS threat intelligence ingested by Demisto is then leveraged for automated incident data enrichment, real-time investigation or post investigation reporting.
“Our integration with ARIA SDS helps security teams standardize their incident response processes, execute repeatable tasks at scale, and accelerate time to detect and respond to threats. We are excited to be working with a partner like ARIA Cybersecurity Solutions,” said Matt Chase, Director Cortex Alliances.
“It was immediately apparent just how powerful the automation around threat investigation and containment with the combination of Demisto and our ARIA Packet Intelligence application would be,” stated William Bent, VP Cybersecurity Product Management, “With the integrated solution, organizations can count on ARIA to provide better visibility of threats within network traffic, but then also use that insight to initiate threat verification and containment using security playbooks within Demisto. For example, when a playbook is triggered, Demisto can direct ARIA to take action, such as shutting down threat conversations between devices. This decisive and unique approach stops any potential cyber-attack while leaving critical devices on-line and legitimate businesses processes operational.”
Demisto Enterprise integrates with hundreds of security products and enables customers to build playbooks for different security processes. These playbooks incorporate a combination of automated tasks and manual best practices to standardize and scale incident response. Demisto’s playbooks help reduce MTTR (mean time to respond) for security incidents and free up time for security teams to conduct deeper investigations. In addition, the case management and machine learning capabilities help security teams maintain incident oversight and improve their security posture over time.