AlgoSec, the network security management vendor, announced a new integration with the IBM Resilient Incident Response Platform (IRP), enabling organisations to tie security incidents and attacks directly to the business processes that could be impacted.
AlgoSec’s integration provides security analysts with the ability to enrich the Resilient IRP with critical business and network context to immediately assess an incident’s potential business impact, and to prioritise and automate remediation efforts accordingly.
Benefits of integration
The integration helps organisations to streamline and accelerate their IR processes by automating time-consuming security changes
Leveraging Resilient’s open application programming interfaces (API), the AlgoSec integration with Resilient allows joint users to:
- Quickly highlight in the Resilient dashboard which applications are impacted by an incident, and how business-critical those applications are
- Automatically associate security incidents with the applications, servers, network connectivity flows and security devices impacted by an attack
- Identify network connectivity to and from compromised servers, such as connectivity to the internet or to sensitive networks
- Automatically implement change requests to quickly isolate compromised servers from the rest of the network and the public Internet
- Get key insights to assist with cyber-threat forensics and compliance reporting
With this new integration, security analysts can quickly reduce the impact of attacks on the business. The AlgoSec integration for the Resilient IRP helps block attempts at data exfiltration and makes it more difficult for hackers to move laterally within the network from affected servers. The integration helps organisations to streamline and accelerate their IR processes by automating time-consuming security changes and proactively analysing business risk.
Linking cyber-attacks to targeted applications
The new AlgoSec integration with IBM Resilient enables joint customers to link cyber-attacks directly to the business applications that are being targeted"“SOC teams need to quickly sift through the volumes of complex alerts they receive each day, to identify the attacks that could affect key business processes and take action before they cause disruption and damage,” said Anner Kushnir, VP of Technology at AlgoSec.
“The new AlgoSec integration with IBM Resilient enables joint customers to link cyber-attacks directly to the business applications that are being targeted, and then prioritise and automate their remediation efforts based on the attack’s severity and risk to the business – aligning incident response processes with the overall business strategy.”
As part of this integration, AlgoSec has extended their offerings on the IBM Security App Exchange, a marketplace where developers across the industry can share applications based on IBM Security technologies. As threats are evolving faster than ever, collaborative development amongst the cyber community will help organiations adapt quickly and speed innovation in the fight against cybercrime.