Action Module transforms incident response, enabling automated action and intelligence
Resilient Systems (formerly Co3 Systems), the leading Incident Response Platform (IRP) provider, today announced the launch of its Action Module, the first and only active platform for Incident Response (IR), and the latest innovation to its Incident Response Platform. The Action Module enables advanced Incident Response for any type of attack by connecting with all cybersecurity systems, supporting automatic execution of custom actions, and providing the tools and intelligence to orchestrate rapid and effective response when time matters most.
Action Module easily integrates with an organisation’s existing cybersecurity systems, automatically leveraging them to take action or collect critical information during a security incident – establishing a central hub for response coordination and collaboration.
“In Incident Response, people are essential – more than other realms of cyber security – and automating certain response processes enables people to be more strategic and to focus where the human element is needed,” said Bruce Schneier, Chief Technology Officer, Resilient Systems. “As cyber risks continue to mount, companies need to focus on improving IR – and with the Action Module, businesses empower their teams to react quicker and make smarter decisions daily, and in the face of cyberattacks.”
Without needing specialised programming skills or extensive professional services, security leaders can set rules and stipulations that guide the Action Module to take specific actions:
Gather advanced incident intelligence: This could include calling on a directory to look up an IP address of an endpoint where unusual activity has been identified, gathering endpoint forensics to compare the status before or after an incident, or accessing threat intelligence feeds to look up and identify insight on malicious actors.
Act automatically to mitigate incidents: The Action Module can take any action, leveraging any of the company’s existing systems. This could include quarantining infected systems to stop any risks of damage to a network, or analysing suspected malware.
“We’re thrilled to announce the latest advancement in Incident Response. We built the Action Module alongside our customers – some of the world’s most capable organisations – and we think it’s the industry’s next critical step,” said John Bruce, CEO and co-founder, Resilient Systems. “For the first time, businesses can actively mitigate any conceivable security concern, and get the context they need to respond swiftly and appropriately. And Resilient Systems is the hub that ties it all together.”
The Action Module was designed in collaboration with Resilient Systems customers, including several of the world’s most prominent brands in the technology and finance industries. It is already in use at these organisations and is available immediately to help organisations better orchestrate any conceivable threat scenario.
“The Action Module is beneficial because it can increase the value of the tools businesses are already familiar with, while enabling teams to create the custom actions that best suit their organisations,” said Jon Oltsik, Senior Principal Analyst, Enterprise Strategy Group. “By giving companies a central hub for Incident Response, the Action Module can make security teams more consistent, strategic, and smarter, while helping to accelerate response processes.”
Duo Security RSAC 2015 – Register to win a free Quadcopter
About Resilient Systems
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.