The new Securonix Investigate is powered by Polarity and embedded in the Securonix Next-Gen SIEM platform. Securonix Investigate is an integrated SIEM, SOAR and Investigation offering that will enable SOC teams to inspect threats identified by Securonix and take rapid action, reducing the mean time to respond by nearly 50 percent and thereby improving operational efficiency.
Securonix Investigate enables the Security Analyst to extract on-demand context from Securonix Threat Labs intelligence as well as additional internal and external sources for in-flight investigations. This eliminates the need for security teams to comb through multiple data sources or develop playbooks when additional or new context is needed. Analysts can annotate their findings within the investigation workflow to share knowledge of their investigation without pivoting to external tools like ticketing, email, or messaging platforms.
Adding Polarity’s investigation capabilities to Securonix’s Security Analytics and Operations platform enables analysts to rapidly investigate and prioritize threats by providing the data analysts need to make faster and more consistent decisions, all from a single console.
The key features of Securonix Investigate include on-demand enrichment of data against contextual information repositories (identity, threat intelligence, geolocation, and historical analyst observations); the ability for analysts to annotate, document, and share observations made during investigations; reduced dependency on SIEM/SOAR configurations for data and alert enrichment; and information-sharing channels that can be used for blue, purple, and red teams, as well as intracompany and intercompany communications.
Securonix Investigate strengthens the collaborative fabric between analysts and hunters, allowing them to save and share the knowledge and experience that is often lost during analyst turnover, reduce investigation fatigue, and minimize duplicative efforts.
Polarity’s investigation capabilities in Securonix Investigate empower Security Analysts and Threat Hunters throughout the investigation phase. When investigating an incident, analysts need on-demand context during their analysis to better understand threats and communicate key findings across the team. By automatically enriching content and streamlining information sharing, Securonix Investigate provides the comprehensive visibility and context needed to shorten investigation times.