ThreatOps™ Incident Handling and Response

Solution Brief

The ThreatOps™ solution accelerates incident response by adding repeatable playbook functionality to the ThreatDefendTM platform. The ThreatOps solution is an add-on license to the BOTsink® or ACM appliances and is designed to combine and automate technology and processes to streamline and improve incident handling and attack investigation. The solution works by gathering attacker engagement information from the BOTsink deception server, memory forensics, and other sources, empowering security staff with the ability to create and de ne playbooks based on their security policies.

This solution brief will go into more detail about the following topics:

  • Investigation Automation
  • Playbooks, Automated Incident Reponse, and Remediation
  • Integrations for Automated Incident Response 

To read more, please fill out the form and the full assesment will be sent to your email address.

Additional Resources

Here are some resources that have recently been downloaded by other professionals. 

Introduction to Deception Technology and Attivo Networks

A brief introduction to deception technology and the Attivo Networks Deception and Response Platform