New Swimlane service captures hard-to-reach telemetry and expands actionability

New Swimlane service captures hard-to-reach telemetry and expands actionability

Posted on

Low-code security automation company Swimlane LLC today announced a new service to capture hard-to-reach telemetry and expand actionability beyond closed “extended detection and response” ecosystems.

Swimlane Turbine brings a new approach to low-code service automation that its says is approachable enough for those with no coding experience and sophisticated enough to satisfy the world’s most demanding security teams. The platform is being pitched as a force multiplier for security operations that delivers the desired outcomes of XDR.

The company argues that historically, security orchestration automation and response or SOAR platforms have not been evaluated based on their throughput capacity. Turbine changes this with its ability to ingest, enrich and act on petabytes of data at machine speed.

Swimlane Turbine delivers the ability to unify complex environments by connecting with things that are typically siloed from a security perspective, such as cloud, the “internet of things” and edge computing. Two years in the making, the platform was designed with cloud scale and power in mind.

Turbine introduces strategic technology developments that deliver superior outcomes over existing XDR solutions, according to the company. Active Sensing Fabric in Swimlane Turbine helps organizations gather security telemetry and take action on changes in their environment closer to inception.

The Active Sensing Fabric capability enables security teams to create data-centric strategies to thwart attackers in near real time through big-data ingestion, pre-processing, inline enrichment and connectivity to hybrid and multicloud environments.

Active Sensing Fabric features include flexible webhooks that expand actionability by enabling products, vendors and services to push real-time communication into Turbine. New webhook listeners can be created directly in the playbook-building experience within seconds, Swimlane says, and they’re easily managed with flexible authentication options to cover various capabilities found in third-party tools.

Remote agent support in Swimlane Turbine allows customers to connect internal applications and systems to Turbine without configuring multiple virtual private networks or complicated networks. Remote agents are dynamic sensors that enable the intelligent collection of hard-to-reach telemetry sources to speed up the mean time to repair by taking action directly at the source.

Autonomous integration support allows customers to connect to any application programming interface without assistance. Once the instant connection is established, the customer can see the list of actions it is capable of, the data and identity types it can send and pull these actions or triggers into a playbook. Turbine also offers connectors that facilitate stable, scalable and secure connections to any API in a customer’s environment.

One of the service’s key selling points is adaptable low-code playbooks that enable Turbine customers to build modular, repeatable playbooks that enrich and process real-time data while bringing humans into the automation loop when necessary. Its human-readable condition builder codifies business logic and best practices without requiring code to be written.

“How XDR is delivered today fails to meet the needs of organization by not providing the breadth of visibility desired beyond a select number of threat detection vectors and simultaneously limits the ways in which organizations can respond to threats to that same small subset of tools,” Cody Cornell, co-founder and chief strategy officer of Swimlane, said in a statement. “Today’s threats are broad and multifaceted and with Swimlane Turbine, customers can extend their visibility for SecOps and take better advantage of investments made in security analytics and XDR to bring a broader range of telemetry into their security pipeline.”

Swimlane Turbine will be available for new cloud customers starting in July. Existing Swimlane customers can upgrade later this year.

Image: Swimlane

Show your support for our mission by joining our Cube Club and Cube Event Community of experts. Join the community that includes Amazon Web Services and CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger and many more luminaries and experts.

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *