Delhi-based ACPL Systems has further strengthened its foothold in the information security space. The two-decade-old technology company recently developed an Autonomous Cyber Defence Platform, AttackFence, to help organisations reduce their security incident mean time to resolve (MTTR) from days to minutes by adding an orchestration, automation, investigation, response and remediation layer to their existing cyber security infrastructure, with ground-breaking log signalling technology. AttackFence increases the efficacy of SOC and incident management teams with effective incident management and threat hunting by automatically investigating the incident, collecting all the validated facts, creating and enforcing a containment response and initiating the threat remediation procedures.
It harnessed the capabilities of SOAR and Advanced Detection and Response in AttackFence to address objectives and goals from a cyber security standpoint. The network sensor and analysis engine together help to predict and investigate attackers' behaviour patterns, making it possible to detect and stop never-seen-before attacks.
SOC automation using the AttackFence log signalling engine ensures logs are available during the investigation. It enriches events and alerts to eliminate noise and pre-fetches threat intelligence at machine speed. It creates evidence to support decision-making and prioritises the most critical events for the L3 Analyst case manager, which is an integral part of the solution and helps customers lower the overall MTTR by following the Change Management processes.
The platform helps SOC teams face multiple challenges in identifying, protecting against, detecting, remediating and recovering from cyber incidents. Security analysts are drained by alerts day in, day out. They have to perform time-consuming tasks like removing false positives, performing repetitive responses, and keeping up with alerts from different security tools. They find it difficult to coordinate the multiple security products deployed in the most effective way. Also, the enablement of junior or new analysts remains a challenge. SOC managers face a tough time quantifying the RoI that security tools bring to their SOC. They constantly face SLA pressures along with the struggle to reduce MTTR. Finally, the issue of the skills gap always remains; any senior analyst leaving the organisation can result in a fatal loss of expertise and a step back for the SOC.
This platform enables security teams to investigate possible malicious activities at a faster pace to minimise the response time. It performs investigative security actions from the Mission Control interface without losing the context of the investigation. The AttackFence response is not limited to containment of the host but also remediates it.

DASHBOARD

AttackFence provides a unified window of analysed, benign and remediated data by orchestrating automation, investigation, containment and remediation capabilities that allow analysts to offload repetitive tasks and focus their attention on making the most mission-critical decisions. Organisations are able to improve security and better manage risk by integrating teams, processes and tools together.