"DFlabs' IncMan Security Automation and Orchestration platform automates, orchestrates and measures threat management and containment for Security Operations Centers and CSIRT."
DFLabs is a pioneer in Security Automation & Orchestration technology, leveraging your existing security products to dramatically reduce the response and remediation gap caused by limited resources and the increasing volume of threats and incidents. DFLabs is the only technology able to manage and reduce the overwhelming security complexity of your technology infrastructure.
DFLabs IncMan provides a centralized, automated, intelligence-driven command and control security automation and orchestration platform that spans the entire lifecycle of incident detection, threat investigation, and orchestration of response. Security operations center (SOC) and computer security incident response teams (CSIRT) analysts, forensic investigators and incident responders use IncMan to respond to, track, predict and visualize cyber security incidents. The platform also enables security managers and CISOs to oversee, manage and measure operational performance and cyber risk across every individual phase of the incident response workflow through role-based dashboards, customizable widgets, and nearly 150 KPIs and reports.
DFLabs’ IncMan Security Automation and Orchestration platform enables you to manage, measure and orchestrate security operations tasks including security incident qualification, triage and escalation, threat hunting & investigation and threat containment. IncMan harnesses machine learning and automation capabilities to augment human analysts to maximize the effectiveness and efficiency of security operations teams, reducing the time from breach discovery to resolution and increasing the return on investment for your existing security technologies. We’re also the only company that automatically creates and builds an Incident Automated Response Knowledge (ARK) Base using machine learning, including for multi-tenant SOCs.
Our vision is to enable full-spectrum intelligence-driven command and control of your security operations, orchestrating the entire incident and investigation lifecycle for SOC and CSIRT teams, with technology that empowers security analysts, forensic investigators and incident responders to respond to, track, predict and visualize cybersecurity incidents, and for security managers and CISOs to manage and measure operational performance and cyber risk.
The solution offers a full bidirectional SOAP API.
DFLabs provides user guides and full customer support.
The solution supports role-based access, multi-user management and multi-tenancy.
Linux, Hypervisors and Cloud IaaS Services.
IncMan integrates with over 50 third-party security technologies via bidirectional APIs. These include solutions such as Cisco Umbrella, Carbon Black, Splunk, LogRhythm, VirusTotal and ThreatConnect.
DFLabs IncMan platform enables organizations to address the three main challenges security operations teams face today: (1) How to manage the sheer volume of alerts and incidents generated; (2) How to achieve visibility into acute threats and prioritize them; and (3) How to effectively accomplish this, along with remediation, with limited resources.
SIEM, UEBA, EDR, Threat Intelligence Services, Firewalls, Web Gateways.
Security Operations Centers; Computer Security Incident Response Teams; Security Operations Teams; Security Analysts; and Incident Responders.