AlgoSec has announced a new integration with the IBM Resilient Incident Response Platform (IRP), enabling organizations to tie security incidents and attacks directly to the business processes that could be impacted.
AlgoSec’s integration provides security analysts with the ability to enrich the Resilient IRP with critical business and network context to immediately assess an incident’s potential business impact, and to prioritize and automate remediation efforts accordingly.
Leveraging Resilient’s open application programming interfaces (API), the AlgoSec integration with Resilient allows joint users to:
- Quickly highlight in the Resilient dashboard which applications are impacted by an incident, and how business critical those applications are;
- Automatically associate security incidents with the applications, servers, network connectivity flows and security devices impacted by an attack;
- Identify network connectivity to and from compromised servers, such as connectivity to the internet or to sensitive networks;
- Automatically implement change requests to quickly isolate compromised servers from the rest of the network and the public Internet;
- Get key insights to assist with cyber threat forensics and compliance reporting.
With this new integration, security analysts can quickly reduce the impact of attacks on the business. The AlgoSec integration for the Resilient IRP helps block attempts at data exfiltration and makes it more difficult for hackers to move laterally within the network from affected servers. The integration helps organizations to streamline and accelerate their IR processes by automating time-consuming security changes and proactively analysing business risk.