Presentation is loading. Please wait.

Presentation is loading. Please wait.

MSSP Security Orchestration Shopping List

Published bySiemplify Siemplify Modified over 4 years ago

Similar presentations

Presentation on theme: "MSSP Security Orchestration Shopping List"— Presentation transcript:

1 MSSP Security Orchestration Shopping List

2 Introduction To say that MSSPs have a security orchestration challenge is the understatement of the century. But not just any security orchestration platform can satisfy the multi-tenant requirements of MSSPs. Managed security services providers (MSSPs) can teach a master class on today’s threat landscape.

3 MSSPs and SOC With dozens of client environments to monitor, MSSPs get a broad view of what it takes to detect, manage and respond to cyberthreats of all kinds. And don’t get us started about all the false positives to be addressed day in and day out. MSSPs are also in the unique position of needing to understand how to fully leverage the vast landscape of security tools. Whereas an enterprise security operations team (SOC) would need the capabilities to manage one SIEM, for example, an MSSP needs to be prepared to manage a variety of client-selected technologies.

4 SIEM & WAF From SIEMs and web application firewalls (WAF) to intrusion detection systems (IDS) and anti-malware solutions, MSSPs must be ready to manage them all. Below is a quick look at what you should be looking for when exploring security orchestration solutions if you, or someone you love, is part of an MSSP. security orchestration solutions

5 Security Orchestration Table Security orchestrationSecurity orchestration should provide a centralized security operations platform as the nucleus of its security management. A single console provides MSSPs with a centralized, detailed view of multiple customers. Within the scope of security orchestration are core features and functionality that should be considered table stakes for any organization.

6 Triage and Case Management Triage Streamline alert management and the triage process by eliminating noise, grouping related alerts, and integrating multiple data sources to provide and enrich insight across grouped alerts. Case Management Manage the entire SOC through a complete view presented in a single pane of glass, which analysts can use as their primary workbench.

7 Playbook Library & Case Visualization Playbook Library Accelerate time to value with an out-of-the-box playbook knowledge base that drives the full range of playbook requirements and provides a balance between automation and analyst interaction. Case Visualization Visual representation of each case provides an intuitive understanding of complex cases and threats in a fraction of the usual time required.

8 Reporting & Case Reduction Reporting One-click reporting of activity and KPI measurements to customers. Automation of reporting and distribution process. Case Reduction & Clustering Reduces caseload via graph contextualization, clustering of contextually relevant cases, and automated case prioritization.

9 Cyber Ontology

10 Reporting & Case Reduction Automation Automate cumbersome manual processes with a machine-speed response. Typical processes ripe for security automation include data normalization, alert filtration and consolidation and case enrichment.security automation Playbook and Workflow Authoring Playbook design capability to create and implement analyst-customized workflows (without scripting).

11 Additional MSSP Requirements ● Be sure to look for solutions that go beyond core security orchestration functionality to include these capabilities, tailored to the needs of MSSPs: ● Adapt workflows for similar use-cases to specific customers ● Integrate SLA expectations with KPI performance measurement and reporting ● Provide customer visibility through automated reporting and distributed dashboards ● Collaboration between MSSP security professionals and customer resources ● Health monitoring across MSSP customer base

12 Multi Tenancy Multi-tenancy (at the environmental level, and in terms of data, permissions, dashboard, reporting, and unique customer playbooks) is crucial for any MSSP who wishes to reap the full value of security orchestration across its customer base and to give teams the proverbial single pane of glass access and vision.

13 MSSP Multi-Tenancy

14 Integration Given the infinite possible configurations, a security orchestration solution must have the capability to integrate with any environment. Out-of-the-box integrations offer an important solution, as well as an architecture that supports easily expanded integrations with the endless data sets MSSPs will encounter. For example, multiple SIEMs and non-standard alert sources, including e-mails.security orchestration

15 MSSP Techstack

16 Let’s Go Shopping For a deeper look and a full security orchestration shopping list, download our MSSP buyer’s guide for security orchestration and automation.security orchestration shopping list

Download ppt "MSSP Security Orchestration Shopping List"

Similar presentations

XProtect ® Professional Efficient solutions for mid-sized installations.

XProtect ® Professional Efficient solutions for mid-sized installations.
XProtect ® Express Integration made easy. With support for up to 48 cameras, XProtect Express is easy and affordable IP video surveillance software with.

XProtect ® Express Integration made easy. With support for up to 48 cameras, XProtect Express is easy and affordable IP video surveillance software with.
HP Quality Center Overview.

HP Quality Center Overview.
Key Considerations for Report Generation & Customization Richard Wzorek Director, Production IT Confidential © Almac Group 2012.

Key Considerations for Report Generation & Customization Richard Wzorek Director, Production IT Confidential © Almac Group 2012.
The Most Analytical and Comprehensive Defense Network in a Box.

The Most Analytical and Comprehensive Defense Network in a Box.
Www.encase.com Mel Pless, Sr. Director, Solutions Consulting Guidance Software, Inc. Let’s Get Right To The Endpoint Leveraging Endpoint Data to Expose,

Mel Pless, Sr. Director, Solutions Consulting Guidance Software, Inc. Let’s Get Right To The Endpoint Leveraging Endpoint Data to Expose,
The Most Analytical and Comprehensive Defense Network in a Box.

The Most Analytical and Comprehensive Defense Network in a Box.
PO320: Reporting with the EPM Solution Keshav Puttaswamy Program Manager Lead Project Business Unit Microsoft Corporation.

PO320: Reporting with the EPM Solution Keshav Puttaswamy Program Manager Lead Project Business Unit Microsoft Corporation.
Alert Logic Security and Compliance Solutions for vCloud Air High-level Overview.

Alert Logic Security and Compliance Solutions for vCloud Air High-level Overview.
© 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Confidential. For Channel Partners only. Do not distribute. C97-721796-00.

© 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco Confidential. For Channel Partners only. Do not distribute. C
1 Warranty and Repair Management For Infor XA Release 7 WARM Denise Luther – Sr. XA Consultant WARMS Technical Manager CISTECH, Inc. Rod Fortson – Sr.

1 Warranty and Repair Management For Infor XA Release 7 WARM Denise Luther – Sr. XA Consultant WARMS Technical Manager CISTECH, Inc. Rod Fortson – Sr.
Oracle Application Express. Program Agenda Oracle Application Express Overview Use Cases Key Features Packaged Applications Packaging Pricing Call to.

Oracle Application Express. Program Agenda Oracle Application Express Overview Use Cases Key Features Packaged Applications Packaging Pricing Call to.
Introduction – Addressing Business Challenges Microsoft® Business Intelligence Solutions.

Introduction – Addressing Business Challenges Microsoft® Business Intelligence Solutions.
Last Updated 1/17/02 1 Business Drivers Guiding Portal Evolution Portals Integrate web-based systems to increase productivity and reduce.

Last Updated 1/17/02 1 Business Drivers Guiding Portal Evolution Portals Integrate web-based systems to increase productivity and reduce.
1 1 Securing (Accountability for) Cloud Content Peter McGoff – SVP and General Counsel.

1 1 Securing (Accountability for) Cloud Content Peter McGoff – SVP and General Counsel.
2015 NetSymm Overview NETSYMM OVERVIEW December 2015 2015.

2015 NetSymm Overview NETSYMM OVERVIEW December
Smart cloud orchestrator - the first implementation in the world at Wroclaw University of Technology for supporting design processes in education at universities.

Smart cloud orchestrator - the first implementation in the world at Wroclaw University of Technology for supporting design processes in education at universities.
SG SCM with MKS scmGalaxy Author: Rajesh Kumar

SG SCM with MKS scmGalaxy Author: Rajesh Kumar
ECAT 4.1 – Rule Your Endpoints What’s New Customer Overview.

ECAT 4.1 – Rule Your Endpoints What’s New Customer Overview.
ABOUT COMPANY Janbask is one among the fastest growing IT Services and consulting company. We provide various solutions for strategy, consulting and implement.

ABOUT COMPANY Janbask is one among the fastest growing IT Services and consulting company. We provide various solutions for strategy, consulting and implement.

Similar presentations

Ads by Google