The visual designer enables cyber architects, analysts or developers to quickly design workflows, playbooks or checklists with conditional states and transitions. Developers can quickly develop custom tasks or activities with custom data types to add rich functionality and create integrations to existing systems.
The orchestration engine executes multiple workflows triggered from multiple sources by creating and running instances within an isolated or shared context which can be scaled horizontally. The platform is solution and OS agnostic. The notification manager publishes every step of the instance's life-cycle and tracks logs for auditing and reporting.
The visual service manager is a web application that leverages the orchestration engine's actions to give end users an interface for interacting with the engine, uploading and managing playbook definitions, custom activity libraries and data types.
A design-it-yourself low-code platform enables security architects, SMEs and analysts to create workflows and conditional tree algorithms with little to no programming required;
Pre-integrated security controls reduce workflow design and setup time as well as coding by 80%; Built-in code controls and functionalities reduce custom coding efforts by 70%;
Built on standards that make it customizable and extensible with basic .NET skills. No need for any platform-specific training, and no limitation in functionality and programming with Python (e.g., QRadar, Phantom, SNOW, Resilient);
Easily integrate with third-party applications that accept web APIs such as Office 365 (SharePoint, PowerApps), ServiceNow, etc.;
Powerful low-code capabilities to easily implement any business logic;
Architected to be containerized, easily scalable with Kubernetes orchestration
Our workflow engine is combined with a built-in incident case management tool which can also integrate with O365, SharePoint, ServiceNow or other third-party incident tracking solutions.
A truly powerful BPM engine at the core of our platform. End-to-end security platform with API-first architecture. Easily integrate with SIEMs or other log sources through webhooks;
Anyone with basic .NET skills can create custom rules and triggers in a visual manner
Powerful automation capabilities which can run one or multiple workflows and sub-workflows with scheduling capabilities.
Our integrated security incident management tool can extend to cover the end-to-end cycle of a threat investigation and resolution, with the capability of retaining historical activities for future lessons learned and best practices. The playbook does not have to stop at the ticket creation step!
Horizontal scalability and deployable as a container on orchestrators;
Hooks to Threat Events! Elastic SIEM, Microsoft ATA, Sentinel, EDR and more!