Posts

Ayehu Automation Software Makes Gartner’s List of Security Operations, Analytics and Reporting Solutions

Ayehu Security Incident Response Automation Software Mentioned in Latest Gartner Research ReportAyehu Software Technologies Ltd., leading provider of enterprise-grade IT process automation software solutions is pleased to announce its inclusion in the latest report from respected IT research firm Gartner (#3166239). In this most recent publication, Ayehu was listed as a trusted provider of automation for security operations, analytics and reporting (SOAR) needs.

The 15 page report, entitled Innovation Tech Insight for Security Operations, Analytics and Reporting, examines how SOAR technologies go hand in hand with workflow management and automation. When strategically aligned, these two critical business areas will provide security operations teams with the ability to prioritize and automate much of their day to day activities, as well as collect, compile and report relevant data to enable better business decision making.

Some of the key takeaways of the report include identification of the three primary types of SOAR technology (security incident response, security operations automation and threat/vulnerability management) as well as how SOAR works in conjunction with vulnerability assessment (VA), governance, risk and compliance (GRC), security information and event management (SIEM) and user/entity behavior analytics (UEBA).

Furthermore, the Gartner report sheds light on the fact that few individual SOAR solutions are capable of effectively addressing the entire security operations management (SOM) life cycle. To combat this, the research firm recommends that security operations teams use available technologies to assess risk and vulnerability, prioritize operational activities, automate and enforce response and remediation workflows and more. Among the list of security automation software vendors is Ayehu’s eyeShare product.

“Gartner is certainly one of, if not the most respected authorities in the realm of IT research and reporting,” comments Gabby Nizri, Co-Founder and CEO of Ayehu, Inc. “Once again, we are truly honored to be recognized for our dedication and commitment to the IT automation industry. More importantly, we hope this report will help security operations teams to better arm themselves against the many threats that are out there so they can keep their organizations safe.”

About Gartner

Gartner, Inc. is the world’s leading information technology research and advisory company. They specialize in conducting, compiling and delivering technology-related insight to help IT professionals  and business leaders make sound decisions. Gartner is headquartered in Stamford, CT and currently employs 6,600 associates, including more than 1,500 consultants, research analysts and clients in 85 countries. For more information, please visit www.gartner.com.

About Ayehu

Ayehu provides IT Process Automation solutions for IT & Security professionals to identify and resolve critical incidents, simplify complex workflows, and maintain greater control over IT infrastructure through automation. Ayehu solutions have been deployed by major enterprises worldwide, and currently support thousands of IT processes across the globe. The company has offices in New York and Tel Aviv, Israel. For more information please visit www.ayehu.com





eBook: 5 Reasons You Should Automate Cyber Security Incident Response




Should You Automate Security Incident Response?

Should You Automate Security Incident Response?There’s no question that incidents of cyber-security violations are on the rise. In fact, the numbers are steadily climbing at an alarming rate. In 2013, the number of incidents increased by an incredible 48%. The following year, security breaches rose another 23%. With statistics like this, it’s becoming increasingly evident that businesses must be proactive and extremely diligent about protecting their sensitive data from falling into the wrong hands. Could automated security incident response be the answer?

In years past, the traditional 4-step method of managing security incidents was sufficient. IT personnel would prepare as much as they could for possible attacks and spend a great deal of their time analyzing the events that were detected to determine their legitimacy and severity. From there, the next step was to contain or eradicate the problem and work toward system recovery as quickly as possible. IT would then evaluate their response to develop better practices for use in the future. For a while, this was enough to keep cyber-attackers in check.

Unfortunately, with online security breaches becoming much more frequent and sophisticated, the old method for security incident response is no longer effective. It’s simply not fast enough, nor is it proactive or thorough enough to keep up with the changing demands. Today, IT personnel just don’t have the capacity to handle such an influx of threats, nor do they have the time or bandwidth to evaluate and address every event as it comes in. This can lead to devastating and costly breaches.

When you add automation into the security incident response process, however, all of these shortcomings can be addressed and eliminated. With a quality automation product, the IT department can streamline their incident management process. Incoming events are detected and the system automatically evaluates, prioritizes and escalates. This eliminates false positives and ensures that legitimate threats are always detected, reported and addressed in a timely manner.

Additionally, automation can then facilitate a seamless, closed-loop process, updating the incident log, resolving alerts and tracking and documenting all processes to be used for developing best practices moving forward. An automated system can also help IT departments to become more proactive by identifying and mitigating vulnerabilities. Most importantly, with an automated process, systems can be back up and running much faster, reducing costly downtime and improving customer satisfaction.

Today’s automation products can be easily and seamlessly integrated with existing incident management programs, such as Solarwinds and Servicenow, to extend and enhance legacy systems without the need for an entire platform replacement or overhaul.

With cyber-attacks steadily on the rise, businesses of every shape, size and industry are at risk of becoming victims. The best way to protect yourself, your organization and those whose sensitive information may be at risk is to establish a solid security incident response plan.

Is your company protected?


eBook: 5 Reasons You Should Automate Cyber Security Incident Response




More IT Process Automation Needed for Security Incident Response

Security Incident ResponseWe’ve mentioned it in many past articles, but unfortunately for Target, their massive security breach in 2013 has become somewhat of a poster child for poorly executed security incident response. Investigations of the breach revealed that multiple alerts of the malware infection were sent. They just weren’t addressed as they should have been…and we all know how that ended for the retail giant. But what does this mean for other businesses? Should you be worried about becoming the next ship to sink at the hands of hackers?

The answer to that question lies in the harsh reality of cyber-attacks. According to a recent report by threat detection vendor Damballa Inc., a typical organization faces an average of 10,000 security events each day. Some larger firms may face upwards of 150,000 events on a daily basis. Furthermore, the report also found that most of the companies surveyed are managing nearly 100 infected machines daily. Given such massive and eye-opening numbers, it’s easy to understand why these breaches occur. There simply are not enough trained people to handle such an influx of events.

Since bringing in additional human capital isn’t a viable option for most businesses, the best solution is to incorporate IT Process Automation into the security incident response process. In fact, 100% of the participants in the Damballa survey agreed that automating manual incident response is the key to managing security needs moving forward.

One solution many enterprises have adopted is a security information and event management (SIEM) strategy. While this is certainly a good place to start, relying solely on an SIEM plan will likely leave businesses more vulnerable than they may realize. Damballa’s CTO, Brian Foster, describes it this way: “With SIEM, you’re getting partial pictures of an elephant, but never the entire elephant.” Much time is also often wasted on false positives and whittling down which incidents truly require attention.

As a more favorable alternative, Foster recommends taking a more comprehensive approach to security incident response by introducing IT automation into the process. The ideal scenario would involve not just pinpointing legitimate alerts, but doing so in a way that is proactive. If an enterprise can implement a security incident response strategy that includes IT Process Automation and can manage incidents in a way that mitigates issues before they develop into an actual problem, the process will be a resounding success.

IT Process Automation can also save a company massive amounts of wasted human capital. According to the 2013 Ponemon Institute Report, it takes IT personnel an average of 90 days to discover a security breach manually. Once discovered, it can then take four months or more to actually resolve the issue. With the right technology in place, the time it takes to discover incidents can be reduced to just one day. As a result, that organization can realize a reduction in “man-days” of approximately 8,633. That’s a pretty compelling statistic.

Obviously, there’s no way to automate everything. Human input will always be needed to some degree. But by incorporating automation into a strong security incident response plan, your business will be much better equipped to deal with the many security challenges it will inevitably face moving forward.

Don’t take chances with your enterprise security. Protect your data and your future with IT Process Automation.





eBook: 5 Reasons You Should Automate Cyber Security Incident Response