TL;DR: Intezer now sends you a weekly Autonomous SOC Report with comprehensive insights about your alert pipeline, threat landscape, and tuning recommendations to reduce noise week-over-week.
At Intezer, we’re always looking for ways to improve, automate, and streamline your security operations. We’re excited to announce the launch of our new feature: the weekly Autonomous SOC Report. This feature is designed to provide you with a comprehensive overview of your security posture, offering insights into your alert pipeline, threat landscape, and tuning recommendations.
Visibility for Your Alert Pipeline
One of the key benefits of the Weekly Autonomous SOC Report is the visibility it provides into your alert pipeline. You’ll be able to see how many alerts have been generated in your environment and how many of these were false positives. This information is crucial for understanding the effectiveness of your security measures and identifying areas for improvement.
Tuning Out False Positives
One valuable aspect of the Weekly Autonomous SOC Report is the tuning recommendations. Based on the alerts triaged over the past week and other data collected, you’ll receive recommendations for file hashes to exclude and other rules to apply to your endpoint security tool. These recommendations are designed to help you tune your Endpoint Detection and Response (EDR) system, making it less noisy and more effective week-over-week.
For example, one of our clients got a recommendation to exclude a certain file hash that Intezer had deemed a false positive and that comprised 17% of their entire alert volume.
Transparency Regarding Intezer’s Autonomous SOC
We believe in transparency. We know you want to understand what Intezer is automating and what decisions it is making, and to see Intezer’s investigation findings for yourself.
That’s why the Weekly Autonomous SOC Report includes detailed information about what Intezer’s Autonomous SOC has done for you in the past week. You’ll see how many alerts were automatically triaged and how many got annotated with Intezer’s assessment. This allows you to understand (and also showcase externally to your board or managers) the value that our Autonomous SOC brings to your security operations.
Visibility for Your Threat Landscape
Understanding your threat landscape is essential for effective security. The Weekly Autonomous SOC Report provides insights into the most attacked endpoints in your environment and the most prominent threat families. This information can help you prioritize your security efforts and focus on the most significant threats.
Get Started with Your Autonomous SOC Report
The Weekly Autonomous SOC Report is a powerful tool that enhances your visibility into your security operations, provides transparency about the work of Intezer’s Autonomous SOC, and offers valuable tuning recommendations. We’re excited to see how this new feature will help our customers improve their security posture and streamline their operations.
If you are already an Intezer customer, your account admin should receive a weekly email, as mentioned in our official Autonomous SOC Report documentation. You can also add other contacts who need to receive the report.
Stay tuned for more updates from Intezer, as we continue to innovate and enhance our offerings to provide you with the best possible solutions to save you time and make your SecOps more efficient and effective.