Ignition Technology announced has its partnership with Siemplify as its distributor to bring its security orchestration, automation and response (SOAR) technology to the Managed Security Services Provider (MSSP) community across the UK.
“As the MSSP market matures, customers are increasingly expecting more than just the delivery of alerts – ultimately, they want their MSSP to chase down these alerts and, if needed, carry out the remediation work to both stop the attack and fix the underlying issue,” said Sean Remnant, CSO for Ignition Technology.
“The issue is that resolving every phishing email or suspicious login is time consuming – and in many cases, requires significant human intervention from a skilled security analyst. This process is difficult to scale while remaining cost efficient so what happens is that some MSSPs may end up cutting corners due to the sheer workload.”
The Siemplify SOAR platform combines security orchestration, automation, and response with end-to-end security operations management to make analysts and security engineers more productive. “Platforms such as Siemplify do more than just sort the wheat from the chaff but also carry out certain remediation steps in an automated way that can dramatically reduce a security analysts’ workload – and ultimately – better serve the end customer,” Remnant added.
Siemplify reportedly uses patented technology to continuously analyse alerts from all sources, identifying common entities indicative of a coordinated attack, allowing MSSPs to focus on threats rather than alerts. When real threats are detected, Siemplify automatically combines contextually related alerts into a single case, which typically reduces the caseload of a security analyst by up to 80%.
“Technically speaking, Siemplify is one of the most advanced products of its type in the market, but potentially as important is that following a round of consolidation in the related SIEM market over the last two years – Siemplify has remained independent and uses open API’s to allow an MSSP to tailor it to their own environment, and the wide array of cyber security products they and their respective clients may have in use,” Remnant explained. “Whether that’s Palo Alto, Checkpoint, Fortinet or whatever – Siemplify is agnostic and wants to engage with the widest possible security vendor ecosystem which is great for partner choice.”
The solution also supports integration with third-party ticketing and helpdesk systems including ServiceNow, BMC and Jira. Ignition will work closely with Siemplify to both grow and enable the fledgling UK channel including pre, and post-sale support, integration best practice and advanced training.
“Ignition is a perfect partner for our continued growth within the UK MSSP community as we share many of the same values around helping partners use automation to overcome the challenges we all face with recruiting and retaining skilled staff,” said Wayne Geockeritz, VP Global Channel Sales for Siemplify.
“As more organisations turn to MSSPs to deliver a broader range of cyber security services, security orchestration, automation and response is becoming vital in helping providers to focus on the critical events and better utilise their expertise. But on a very human level, security analysts already have a difficult job and if an MSSP hopes to get the best out of these skilled practitioners, it is vital that they give them the right tools to get the job done!”