Q1 2024 Milestones: What’s New at Securonix

At Securonix we are always pushing the boundaries of what our Unified Defense SIEM can do for our customers. Our vision is to protect the world from cybersecurity threats, so we aim to continuously improve our product to help you stay ahead of emerging threats. While expanding threat coverage we have also invested in improvements that make cybersecurity less complex. As another quarter comes to a close let’s take a look back at a few of the capabilities we’ve released:

Enterprise-Ready Solutions

This year we are enhancing our Unified Defense SIEM with smoother operations, the ability to self-heal, faster deployments, and expanded API support. In 2024 we will continue improving our platform to seamlessly integrate with your existing IT infrastructure to support large enterprise needs. Here are some of the product updates made in Q1 to help scale your security operations.

Cloud Native Hub

We’ve enhanced our RIN to make your experience more seamless than ever. Now, you can collect and respond to data on-premise and get automated updates. This next evolution of our RIN gives you valuable insights into your operations with built-in observability and lets you optimize your SIEM’s performance with connectors that auto-scale to maximize CPU and memory. Look for more updates as we add the ability to deploy containers in the near future.

Learn more about what’s included in our RIN update in our upcoming webinar.

 

Documentation Portal Supports Zoomin GPT Search

The Securonix Documentation Portal now supports Zoomin GPT Search, which uses OpenAI’s breakthrough technology to offer highly relevant results to your search queries. In order to generate an answer, Zoomin GPT Search uses the entire spectrum of content consolidated in the Securonix Documentation Portal, including content presented in tables. Zoomin GPT’s answer is presented alongside the standard search results and takes into account any search filters that have been applied. The Portal’s intelligent keyword extraction provides OpenAI with the required context to retrieve highly relevant results, so you can quickly get answers to your questions.

 

Usability, Adoption, and Faster Time to Value

In today’s dynamic security environment agility is paramount, which is why our focus remains on streamlining UX and expediting deployment for our customers. We’re helping SecOps gain efficiencies with a more intuitive and user-friendly interface, paving the way for reduced Mean-Time-to-Detect (MTTD) and Mean-Time-to-Respond (MTTR). Here’s what’s new this quarter:

Ultra Fast Hunt

Introducing Ultra Fast Hunt, a new feature tailored for organizations that prioritize Threat Hunting. This feature allows you to search through thousands of threat intelligence indicators at a fraction of the speed from before. With response times measured in sub-seconds, it enables swift investigations to identify potential threats within your environment promptly. Leveraging Ultra Fast Hunt you can streamline workflows without the need to sift through extensive historical data sets. Unlike traditional SIEMs and SOARs, our approach emphasizes fast historical checks for indicators of compromise, enhancing your ability to detect zero-day threats and identify breaches early on.

See Ultra Fast Hunt in Action

MITRE ATT&CK Coverage and Policy Improvement

Securnix offers the most MITRE ATT&CK coverage out-of-the-box in the SIEM market. Our policies provide customers with an impressive 52.81% coverage and encompass over 300 techniques across the ATT&CK framework. By aligning our OOTB detection policies with MITRE ATT&CK, we empower you to swiftly identify and counter a wider range of threats, enhancing your security. We aim to provide you with clear insights into the attack process and current status, empowering you to grasp the severity of the situation. This includes understanding how close threat actors are to causing damage or gaining access to sensitive information. This coverage outpaces competing SIEMs in the market and helps you to stay aligned with industry best practices. Our commitment to providing leading MITRE ATT&CK coverage will continue throughout 2024 and beyond. 

Guided Detection Lifecycle

This feature gives you insights and guidance on the impact of new detection indicators developed in the SIEM by highlighting configuration improvements and data dependency validations. To achieve this, we’ve implemented guardrails to prevent the activation of misconfigured policies. Additionally, our validation framework now catches any misconfigurations at the time of policy creation. Guided Detection Lifecycle also ensures that essential Lookup/TPI fields are not left empty. These capabilities ensure that any misconfigurations are addressed before policies are enabled, providing more reliable cybersecurity.

Comprehensive Security Platform

At Securonix we aim to arm organizations against the ever-changing tide of cyber threats. Our advanced capabilities, including precise threat detection and swift response, empower you to stay ahead of malicious actors. Below are some of the improvements to our platform we’ve made to increase scalability and to offer a more comprehensive solution. 

SOAR Lite

As an innovator in the SIEM space, we are always looking to arm organizations with best-in-class detection and response. That is why Securonix is expanding the response and orchestration capabilities that come natively with our SIEM and UEBA products. This new feature, SOAR Lite, is designed to allow you to develop simple playbooks and seamlessly extend your existing automation processes with no daily limits. In fact, Securonix is the only SIEM provider offering embedded SOAR capabilities without imposing additional cost or usage restrictions based on daily limits.

SOAR Expanded Integrations

Securonix has enhanced SOAR capabilities within our latest product update, designed to elevate your cybersecurity defenses. With expanded support for threat models and incidents, compatibility with Python, and the ability to schedule playbooks, Securonix offers practical solutions for proactive threat mitigation. We’ve also integrated 50 new integrations across key areas such as endpoint security, network security, IAM, email, case management, TPIs, and vulnerability management. This comprehensive approach ensures that all major threat vectors are covered, providing peace of mind for your enterprise security operations.

Expanded Content Coverage

In Q1 we have expanded coverage, here are some highlights:

  • Identified 419 emerging threats, codified and swept more than 12,967  TTPs/IoCs, and saved customers 167 average man hours per month with Autonomous Threat Sweeper.
  • Increased threat content coverage by enhancing and releasing 9 new parsers, and 7 new SOAR playbooks covering top use cases.
  • Published 4 major advisories and threat research articles

Policy Watch

Policy Watch helps you maintain ongoing security governance, and manages risk, while driving continuous improvement in your organization’s cybersecurity efforts. With this new feature, you gain access to comprehensive health reports detailing the status of policies within your production system. These reports help you identify issues early and cover a spectrum of insights, including potential noisy policies, silent policies, and performance-intensive policies. You can now pinpoint inefficient policies and elevate your threat mitigation strategies while improving the overall health of your production policies.


We hope you are as excited about the new features we have rolled out as we are. We remain committed to providing the best possible service and solutions to meet your business needs. Have questions? Reach out to your account manager or schedule a demo to see any of these features live.