3.2.1
Yokohama Patch 3, Yokohama Patch 1, Yokohama, Xanadu Patch 7, Xanadu Patch 4, Xanadu Patch 3, Xanadu
Empower your SOC team with Generative AI capabilities for Security Incident Response.
- Expedite triaging of security incidents with long activity streams by reviewing work notes and contextual information quickly in a concise, easy-to-read format.
- Preview security incident details, their potential impact, and any key actions already taken with security incident summaries using generative AI.
- Automatically generate:
  - The next recommended steps, within the workflow and upon request, that your analysts can follow to help them close a security incident.
  - A post-incident analysis for a security incident that includes a root cause analysis, an impact assessment, and learnings and recommendations.
  - Closure notes for security incidents using generative AI.
- Access summaries and closure notes from the Now Assist panel, security incident records, or from the Security Incident Response Workspace.
New:
- Security Incident Resolving: This agentic workflow helps security analysts resolve security incidents by leveraging existing runbooks and historical security incidents. By analyzing similar past cases, it generates a clear and effective plan to resolve ongoing security incidents.
- SOC Efficiency Analyzing: This agentic workflow helps SOC managers assess the quality of security incidents and track the key performance metrics, providing insights to explain and improve SOC operations.
Changed:
- Recommended Actions:
  - Enhanced to incorporate a feedback option on the overall recommendation provided, which allows for continuous improvement of recommendations.
  - The top N recommendation cards are displayed, based on the configuration.
Required plugins and products:
- Now Assist for Platform: v6.0.0
- Security Incident Response Core: v13.6.5
- Security Incident Response (SIR) Workspace: v1.7.0
- Recommended Actions for Security Operations: v1.0.2