Managed incident response platform

Accomplish machine-speed incident response & resolution

A unified platform for enhancing security operations with threat intelligence integration, security orchestration, automated response and threat hunting

overview

It's time to simplify your incident response through a unified platform

Accomplish machine-speed incident resolution & seamless security operations with our security orchestration, automation and response platform.

grow at scale

Better learning & productivity

An effective platform for sharing key insights and other information with others, for quicker resolution of events.


automation

Gain quick resolution time

Leverage our automatic scoring mechanism to block threats in real time, while still allowing manual resolution.

processes

Clear, consistent, and detailed processes

A versatile platform to configure complicated processes for seamless security operations.

FEATURES

Versatile platform to enhance your response and resolution time

Feature-rich platform designed to streamline your incident response and resolution process.

Flexible Deployment and Investment Protection

We support integration with SIEM, EDR, deception technology solutions, and Big Data Security Analytics (BDSA) through an API connection for event ingestion. Our solution adds flexibility by consuming IOCs in different formats, and it has been tested with REST API integration by deploying Python connectors.

Comprehensive Incident Response

Well-defined incident response playbooks give the SOC team options for orchestrating the response. For example, admins can set a threshold of 8 for automatic action, at which the platform will reconfigure the firewalls, URL filtering solution, WAF, antivirus hashes, router ACLs, and patterns for an anti-bot solution.

Multi-Tenancy support

The MIR platform supports multi-tenancy, which makes it a great tool for Managed Security Service Providers (MSSPs): the administrative domains, customer portal, playbooks, assets, and integrated threat feeds are specific to each tenant on the MIR platform.

Threat Feeds Integration

The platform receives events as IOA/IOP from the SIEM or BDSA. In such cases, the Multivariate AI Engine uses multiple integrated global threat feeds to enrich the event with a Risk Score attribute.

Incident Response Playbooks

MIR ships with ready-to-use incident response playbooks for the use cases of Phishing, Brute Force, Volumetric HTTP DDoS, Ransomware, Golden Ticket, Silver Ticket, APT1, APT12, APT18, APT28, APT33, Cobalt Group, DarkHydrus, and Magic Hound.

Geographical Insights

All the threat intelligence feeds ingested on the MIR platform carry the IOCs' country-of-origin and target attributes. This helps plot the geographic trends of the IOCs from both views: as source countries of attacks or as destination countries of attacks.

Multivariate AI for Event Enrichment

We assign a risk score on a scale of 1-10 to each detected indicator of attack or pivot (IOA/IOP). This score is assigned on the basis of the characteristics picked up by analytic tools such as SIEM and BDSA, heuristics, and the severity of the event classifiers.

Threat Hunting and Orchestration

The platform is integrated with VirusTotal, IBM eXchange, AlienVault OTX, and OSINT for harvesting information on each potential threat event. Generally, we recommend that our customers harvest the learnings from threat hunting for events with a risk score lower than 8.

Reports and Real-Time Dashboards

MIR offers intuitive real-time dashboards that are friendly to CISOs and security managers. These dashboards present executive summary views, timeline views, and various data charts and graphs, with time-window filters (such as hours, days, weeks, months, or years) for 24x7 monitoring. For understanding trends over time through historical reports, it supports PDF reports for selected time windows.
