INCIDENT RESPONSE PLATFORM
Solution developed by Diazero Security aims to act as an incident response center, acting on the alerts received and thus performing the initial assessment with machine learning. The portal has specific features to support incident response actions, such as the existence of a repository of alerts documentation that helps analysts in the initial understanding of the incident. Incident response guides containing all the procedures to be followed by the operation analysts are also stored.
METRICS
Reduced workload and false positives:
97,5%
Incidents handled per year:
5700+
Alerts handled by year:
580000+
HOW IT WORKS
The work of the Odin solution begins by receiving alerts related to anomalies identified by monitoring tools, then Odin performs an assessment on the alerts in an attempt to identify patterns that determine the type of appropriate treatment for the alert and whether there will be a need to open the incident in the portal.
Before opening the incident in the portal, the alert is correlated with an internal information base to determine which rule the incident should be linked to, its identification on the MITRE and the appropriate playbooks for action.
From this moment on, the incident will be available for treatment either by the Heimdall solution or by the operations team.
MITRE ASSESSMENT
With the implementation of Odin in your operation, you will have the MITRE map available, which aims to assist you in carrying out monitoring maturity assessments of your company, visually presenting gaps and discovered attack vectors.
MITRE ATT&CK® is a platform that provides a knowledge base with information on advanced attack tactics and techniques.
ATT&CK's knowledge base is used as a starting point for developing methodologies to address specific threats and deliver cybersecurity services.
With the creation of ATT&CK, MITRE is fulfilling its mission to solve problems for a safer world — bringing communities together to develop more effective cybersecurity. ATT&CK is open and available to any person or organization for free use.
BENEFITS
Service customization
Automated initial assessment
Reduction of false positives and initial operating load
Automated assessment based on MITRE
Centralized incident response tracking
Greater integration capacity
Talk to Diazero
If you need any information, just contact us by filling out the form below.